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Data Lockdown 



Key Strategies To Improve 
The Safety Of Customer 
& Employee Data 



by Elizabeth Millard 
• • • 

Locking down customer and employee 
data can be rife with challenges, but prop- 
er security measures are imperative and 
often involve multiple layers of defenses 
and processes. Here's a look at what you 
need to know about protecting your valu- 
able data. 

Security Challenges 

Securing the entire data pathway is a 
difficult task because all data is seen by 
someone, notes Christopher Cain, director 
of software development at AppRiver 
(www.appriver.com), a provider of ex- 
change hosting. 

"In order for a business to comply with 
today's strict regulations, the entire pathway 
for data — from secure storage to the point 
of dissemination — must be secured," he 





Key Points 



Email should be put on an end-to-end 
encryption system rather than a system 
that only encrypts email in transit. 
Putting stronger audit capability on highly 
privileged users can lessen unnecessary 
monitoring of lower-level users. 
Compliance in such industries as health 
care drive the need for greater data securi- 
ty but can also be an opportunity to 
improve systems. 




/ 



says. "It is no longer adequate for organiza- 
tions to simply store customer and employ- 
ee data in an encrypted form on a secure 
server with good access policies in place." 

An important aspect of securing cus- 
tomer and employee data is making sure 
that email controls are in place, Cain says. 



because emails can include financial data 
in spreadsheets or personal information 
transferred from HR to health departments, 
for example. 

Ensuring that transmission of data is 
encrypted is not enough, he believes. 
Go to Page 8 



When Do You Need N+ 1 ? 

Buying Spares Viable Only For Some 



by Carmi Levy 

In today's 24/7/365 economy, data center 
managers are increasingly challenged to 
maximize uptime without blowing the bud- 
get. N-h1, which is defined as having a 
spare component on hand in case the main 
item breaks or requires service, has long 
been used by companies to minimize the 
duration and impact of both planned and 
unplanned outages. 



As small and midsized enterprises shift 
to more sophisticated data center architec- 
tures, knowing whether to incorporate N-h1 
into their operational plan becomes a cru- 
cial decision point. Even if they decide 
N-h1 makes sense, buying doubles of 
everything simply isn't feasible. Knowing 
which components should be bought and 
stored as spares — and which ones can be 
left alone — is critical to balancing avail- 
ability with budget. 



"A lot of companies actually don't know 
what kind of spares they should have 
because they don't do an adequate job of 
assessing the mission criticality of a partic- 
ular device," says Jack Gold, president and 
principal analyst of J. Gold Associates 
(www.jgoldassociates.com). "If you've got 
a number of redundant servers and you can 
keep going if one of them fails, it may 
or may not be a big deal. But if you're a 
Go to Page 8 
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■ Product Spotlight: Tape Backup page 32 

■ Although there's no way to turn back the tide of data, 
there are ways for organizations to trim backup costs 
and keep from drowning in idle data page 34 

■ Revinetix RevOS Release 3.2 offers enterprise-class 
features, including byte-level replication, data dedupli- 
cation, and central administration page 34 
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■ Robust physical access controls and policies 
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strategy page 35 

■ Security solutions provider Encryptx offers a particu- 
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servers, or both page 36 
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■ Faced with mobile anarchy, many SMEs have initiat- 
ed attempts to standardize mobile equipment. But it's 
been an uphill battle page 41 

DATA CENTER 
MANAGEMENT 

■ As small and midsized enterprises shift to more 
sophisticated data center architectures, knowing whether 
to incorporate N+1 into their operational plan becomes 
a crucial decision point page 1 

■ Making a move toward energy efficiency is on the 

minds of many IT professionals page 42 

■ Just how personal can an SME allow a worker's com- 
puter to be? Experts agree that there is a broad continu- 
um of allowable customization page 43 



News 



I Three Indicted For Comcast Attack 

Three individuals have been indicted for an 
attack they made on the Comcast.net Web site 
in May 2008. Christopher Allen Lewis (19), 
Michael Paul Nebel (28), and James Robert 
Black Jr. (20), members of the Kryogeniks 
hacker gang, are each facing a possible five 
years in prison and a $250,000 fine for hacking 
Comcast's site to redirect visitors to a page of 
their own making. Lewis claims to have made 
two phone calls that gave him the information 
he needed to access Comcast's DNS infor- 
mation, while Nebel allegedly logged into a 
Comcast email account that let him communi- 
cate with Comcast's DNS registrar. Comcast 
claims to have lost $128,578 due to the attacks. 

I New SSL Exploit 
Could Hit Various Sites 

Leviathan Security Group CEO Frank Heidt 
says he has found a way to exploit the SSL 
Authentication Gap bug that was disclosed on 
Nov. 5. The exploit could supply hackers with a 
powerful phishing attack. Heidt says this attack 
would be difficult to pull off and would require 
a hacker to first employ a man-in-the-middle 
attack. If the attack were used, it could change 
the data being sent to the SSL server and 
eventually redirect users to an unsecured 
site where their sensitive information could 
be stolen. 

I Verizon's Anti-AT&T Ads Will Continue 

A U.S. District Judge has denied AT&T's 
request for a temporary restraining order 
against Verizon's "There's A Map For That" ad 
campaign, which AT&T calls "misleading." The 
ads show maps of 3G coverage for both com- 
panies, with Verizon's coverage shown as 
much larger than AT&T's, which AT&T believes 
is unfair and misleading to its subscribers. 
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Verizon countered with a legal brief stating its 
ads were true and that "the truth hurts." For its 
part, AT&T has never denied that Verizon's 
representation of the two companies' 3G cover- 
age was false, just that it could represent false 
information on whether AT&T's wireless Inter- 
net services could be used outside of the 3G 
coverage. AT&T will be allowed to plead its 
case in court on Dec. 16. 

I Senators Seek Tougher 
H-1B Hiring Restrictions 

Senators Bernie 
Sanders (l-Vt.) and 
Charles Grassley (R- 
lowa) have teamed 
up to introduce the 
Employ America Act, 
which prohibits compa 
nies from hiring H-1B 
guest workers if they 

have had to lay off 50 or more employees. The 
idea behind the act is that, given the recent lay- 
offs in the technology industry, there are more 
than enough American workers in need of jobs, 
so the hope is that the bill will help boost the 
employment rate for American workers. In 
February, Sanders and Grassley also helped 
to establish guest-worker hiring restrictions in 
the TARP (Troubled Assets Relief Program) 
that funded the financial bailout. 

I European Commission Extends 
Oracle/Sun Antitrust Deadline 

The European Commission announced it is giv- 
ing Oracle and Sun Microsystems an additional 
week to plan a response to antitrust concerns 
expressed by the commission. Oracle will now 
have until Jan. 27 to prepare a defense for its 
$7 billion merger with Sun Microsystems. 
Regulators from the European Union have for- 
mally charged that the deal would create an 
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information provides a quick glimpse of current and historical stock 
IS and trends for 14 major companies in the technology market. 



Company 


Symbol 


Year Ago 


Nov. 12$ 


Nov. 24 $ 


% change from 
previous issue 


AMD 


AMD 


$2.13 


$6.48 


$6.95 


A 7.25% 


CA 


CA 


$16.08 


$21 .77 


$22.04 


A 1 .24% 


Cisco Systems 


CSCO 


$16.39 


$23.40 


$23.74 


A 1 .45% 


Dell 


DELL 


$11.05 


$15.45 


$14.32 


T7.31% 


Google 


GOOG 


$292.09 


$567.85 


$583.09 


A 2.68% 


HP 


HPQ 


$35.21 


$49.70 


$50.19 


A 0.99% 


IBM 


IBM 


$81.67 


$126.26 


$127.93 


A 1 .32% 


Intel 


INTC 


$13.97 


$19.68 


$19.39 


T 1 .47% 


McAfee 


MFE 


$30.41 


$42.26 


$40.86 


▼ 3.31% 


Microsoft 


MSFT 


$20.49 


$29.36 


$29.91 


A 1 .87% 


Oracle 


ORCL 


$16.14 


$22.04 


$22.14 


A 0.45% 


Red Hat Software 


RHT 


$9.48 


$27.97 


$27.50 


T 1 .68% 


Sun Microsystems 


JAVA 


$3.11 


$8.60 


$8.51 


T 1 .05% 


Symantec 


SYMC 


$12.17 


$17.34 


$17.94 


A 3.46% 



unfair market advantage for database software. 
Specifically, the commission is concerned 
about the fact that as part of the purchase, 
Oracle will acquire open-source database plat- 
form MySQL, which was purchased by Sun for 
$1 billion. 

IHPQ4 Profit Jumps 14% 

Although revenue dropped in HP's software 
and hardware divisions in its fiscal fourth quar- 
ter, overall profits were up by 14% to $2.4 bil- 
lion, or 99 cents per share. Service revenue 
also rose by 8%, positioning HP for strong 
signings next year. For all of fiscal year 2009, 
HP came out with $1 14.6 billion in revenue, 
which is down 3% from 2008. HP expects bet- 
ter numbers for its fiscal 2010 earnings, pre- 
dicting revenues to increase to between $118 
billion and $119 billion. 

I Brocade's Revenue Up, Profit Down 

Brocade Communications released its fiscal 
fourth-quarter results, reporting a strong 31% 
quarterly growth in revenue and a 33% growth 
in revenue for the year as a whole, although its 
04 earnings were down 5% year-over-year, 
dropping from $35.6 million to $33.6 million. 
Revenue topped out at $521 .8 million in 04 
2009, compared to $398.5 million in the same 
quarter of 2008. Brocade's revenues for fiscal 
2009 were up from $1 .47 billion to $1 .95 billion. 

I Femtocell Demand 

Lower Than Originally Thought 

According to a study by ABI Research, the 
market for femtocells (a base station that uses 
an existing broadband connection to help send 
and receive cellular signals) is about 55% 
lower than expected. ABI forecasts that about 
350,000 femtocells will be shipped by the end 
of this year. The study indicates that the eco- 
nomic recession has hurt demand, as has the 
fact that femtocells aren't currently subsidized 
and come with a monthly service plan. Many 
devices can cost up to $250. ABI still estimates 
that the market for femtocells will increase over 
the next five years. 

I Intel Working On Energy-Efficient 
Research Chip 

Intel indicated that it has developed a many- 
core processor that will improve energy effi- 
ciency in the data center. Previously, Intel had 
experimented with an 80-core chip, and the 
prototype offered teraflop performance while 
requiring less energy than a traditional quad- 
core processor. Intel says that the new chip is 
designed to be generally programmable, and 
although the cores offer lower performance 
than a traditional processor, you can configure 
the chip to use only a needed number of cores 
for a job. When certain cores begin to heat up, 
they could automatically shut down and the idle 
cores would take over. 



NOTE: This information is meant for reference only and siiould not be used as a basis for buy/sell decisions. 
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I Gartner Foresees Rebounding 
Global Chip Revenues 

Recent research from Gartner predicts that 
revenue from global semiconductor sales is 
expected to reach $226 billion for 2009, which 
would mark an 1 1 .4% decrease from 2008 
when revenue totaled $255 billion. Despite the 
decrease, the total is actually an improvement 
from the Q3 2009 projections Gartner made, 
forecasting revenue would decline at a 17% 
clip. Gartner predicts that revenue for 2010 will 
climb 13% from 2009 to reach 2008's total of 
$255 billion. Leading the semiconductor recov- 
ery are PCs, which have performed better than 
expected; in fact, Gartner changed its previous 
predictions of double-digit declines for PCs to a 
forecast of low-single-digit declines. 

I Survey Predicts Increased 
SaaS-Based Email Functions 

Sendmail and Osterman Research have 
revealed the results of an October-conducted 
study suggesting that "security dominates the 
SaaS market today" and that, in the future, orga- 
nizations are likely to outsource such email 
security functions as antispam, bulk email, 
antivirus, and anti-malware. Reasons that more 
companies aren't currently outsourcing functions 
varied from concerns over privacy, retrieving 
outsourced data, regulatory compliance issues, 
and a fear of loss of control. In actuality, accord- 
ing to Michael Osterman, president of Osterman 
Research, "moving commoditized services to 
the cloud provides enterprises with more choice, 
agility, control, and protection." Osterman says 
20% or more of those surveyed report they're 
outsourcing some email functions to a SaaS 
solution, but the number will rise to 38% in two 
years. Elsewhere, 40% of companies surveyed 
are currently outsourcing some part of their 
email infrastructures, with antispam (64%) and 
bulk email (46%) being the most common. 

I Hearing Set For Google 
Settlement Case 

The final hearing date for the revised legal 
settlement between the Authors Guild and 
the Association for American Publishers vs. 
Google has been set for Feb. 18, 2010. The 
settlement proposal stems from lawsuits filed 
by the two parties in 2005, accusing Google of 
copyright infringement. According to the law- 
suits, the Internet search company scanned 
books to digitize a full copy online without get- 
ting the copyright owner's permission for each 
title. Google reached a settlement with the 
companies in the fall of last year; however, 
strong criticism of the settlement fueled the 
revision. The proposed revision seeks longer 
time for authors to claim compensation and a 
larger percentage of the sale. 

I Dell Reports Declining Earnings 

Dell's fiscal third quarter of 2010 showed mostly 
declining figures. The company reported its total 
revenue as $12.9 billion, down 15% since the 
third fiscal quarter of 2009. The company also 
reported its total income as $337 million, down 
54% since the third fiscal quarter of 2009. Dell 
has been trying to decrease costs and build up 
its enterprise after the company's deep invest- 
ment in business costumers suffered during the 
economic downturn of the past year. 

I Employee Retention 
A Major Concern For ClOs 

Recent research from Robert Half Technology 
indicates that although IT employees were will- 
ing to ride out the economic downturn with their 
current employers, many may be looking to find 
new employment once the economy stabilizes. 
According to the firm's survey of 1 ,400 ClOs in 
the United States, 43% of those surveyed indi- 
cated that employee retention will be their top 
priority in the next year. Moreover, 21% intend 
to provide additional training and professional 
development for their IT workers, many of 




whom have endured longer working hours, 
reduced compensation, and/or fewer benefits 
during the recession. 

I IBM Simulates Brain Function 

Recent findings from IBM Research - Almaden 
show that it takes 147,456 processors and 
144TB of RAM to surpass the brainpower of a 
single house cat. The research group recently 
staged an almost real-time cortical simulation of 
the brain using Lawrence Livermore National 
Lab's Dawn Blue Gene/P supercomputer. Along 
with the new BlueMatter brain function mapping 
algorithm IBM developed with Stanford Uni- 
versity, the simulation provides insight into the 
way the brain represents and processes vast 
amounts of information in such a compact, low- 
power structure. The DARPA-funded research 
aims to produce a derivative chip. 

I AOL To Cut Workforce 

Not long after 
announcing that it 
would spin off from 
Time Warner effec- 
tive Dec. 9, AOL 
announced plans 
to cut its workforce. The cuts will affect about 
2,500 employees— about a third of the compa- 
ny's total employee count. AOL says the layoffs 
will save the company about $300 million per 
year. The company has asked for volunteers 
effective Dec. 4 but will implement an involuntary 
layoff system if needed. According to AOL's filing 
with the United States Securities and Exchange 
Commission, AOL expects to incur restructuring 
charges of up to $200 million, most between the 
Dec. 9 spin-off date and the first half of next year. 

I Cisco Raises Tandberg Offer 

Cisco says it's now willing to pay $3.41 billion, or 
19 billion Norwegian crowns, for videoconferenc- 
ing equipment maker Tandberg. The new bid, 
which Cisco says will be its last, is 10% higher 
than Cisco's original offering price of $3 billion, 
which it made on Oct. 1 . Industry insiders expect 
Tandberg's board and shareholders to approve 
the higher offer. At least 90% of Tandberg's 
shareholders need to approve the deal; about 
40% have already done so. Tandberg's board 
has also approved of the new price. 

I Report Offers Look Inside 
Security Product Testing 

A report from ICSA Labs, a division of Verizon 
Business, shows that most security products do 
not pass initial certification testing and that a 
number of products are eventually dropped and 
never pass certification. ICSA has been testing 
and certifying security products for 20 years. 
According to the "ICSA Labs Product Assurance 
Report," only 4% of all security programs attain 
certification in the first cycle of testing, and 82% 
eventually attain certification after an average of 
two to four testing cycles. Even after certifica- 
tion, manufacturers often have a difficult time 
maintaining product certifications, with 36% of 
previously certified security products showing 
violations during post-certification testing and 
13% of products eventually losing certification. 

I Ciena Acquires Nortel's Metro 
Ethernet Business 

After defeating Nokia Siemens Networks and 
One Equity Partners with a $769 million bid, 
Ciena will acquire the optical networking and 
carrier Ethernet assets of Nortel Networks' 
Metro Ethernet networks business. Nortel, 
which filed for bankruptcy protection in January, 
is selling its Metro Ethernet business to Ciena 
for $530 million in cash and $239 million in 
convertible notes. Nortel's Metro Ethernet busi- 
ness has a large customer base, including cus- 
tomers such as AT&T, Verizon, and Comcast. 
As part of the deal, Ciena will acquire 2,000 
Nortel employees, which will almost double the 
amount of workers Ciena currently employs. 
The deal is expected to close in 01 2010. 



I Survey: Business Associates 
Not Ready For Breach Rules 

A new survey has found that business asso- 
ciates who handle private patient information 
for healthcare providers are unprepared to 
meet the data breach obligations included in 
the Health Information Technology for Eco- 
nomic and Clinical Health Act. For example, 
one-third of business associates, such as 
those in billing, claims processing, and prac- 
tice management, were not aware they needed 
to comply with HIPAA regulations; compara- 
tively, only 13% of healthcare providers were 
unaware. The study, conducted by HIMSS 
(Healthcare Information and Management 
Systems Society) Analytics and commissioned 
by security vendor ID Experts, found that 85% 
of healthcare providers plan to take steps to 
protect data held by business associates. 

I Legislation Would Ban P2P Use By 
Federal Employees 

A House committee chairman proposed legisla- 
tion that would ban federal employees from 
using public peer-to-peer networks such as 
Limewire and set policies for employees who 
remotely access government networks. Under 
the Secure Federal File Sharing Act, federal 
agencies will have to set P2P use policies for 
employees and contractors and create security 
systems to detect and remove prohibited soft- 
ware. The proposal comes weeks after a P2P 
security breach leaked details on dozens of 
House Ethics Committee investigations. Other 
P2P security breaches in the past year leaked 
documents about the president's helicopter, the 
location of a Secret Service safe house for the 
first family, and financial information belonging 
to Supreme Court Justice Stephen G. Breyer. 

I Report: Countries Preparing 
For Cyberwar 

According to a report released by McAfee, major 
countries are engaged in a "Cyber Cold War" 
and are amassing cyberweapons and testing 
networks in preparation for using the Internet to 
conduct war. China, France, Israel, Russia, and 
the United States have developed "advanced 
offensive cyber capabilities," while the UK, 
Germany, and North Korea are known to be 
developing their own capabilities, as well. The 
fifth annual Virtual Criminology report finds that 
although there's no common definition of cyber- 
war, "banking and finance, electricity grids, oil 
and gas refineries and pipelines, water and sani- 
tation utilities, and telecommunications systems 
are all targets for cyber attacks in future wars." 

I State Of The PC Market 

Gartner's latest data about PC industry perfor- 
mance shows that global PC shipments will be 
up by 2.8% for the year, which is in stark con- 
trast to the 1 1 .9% decline Gartner predicted for 
PC shipments at the beginning of the year. 
Desktop PC shipments are selling sluggishly— 
Gartner predicts a 9% drop in shipments for 
2009— but strong sales of netbooks and mobile 
PCs in the third quarter more 
than wipe out the desktop 
downward spiral. 
Gartner expects 
mobile PCs to 
ship somewhere 
in the neighbor- 
hood of 162 mil- 
lion units by the end of 
2009, which represents a 15.4% 
increase compared to last year. Although unit 
sales are up, Gartner logically expects overall 
PC revenues to drop by 11% from last year's 
levels due to the lower average selling prices of 
netbooks compared to desktop PCs. Gartner is 
also reporting that Windows 7 seems unlikely 
to impact PC shipments for the year. For next 
year, Gartner expects PC shipments to be up 
by 12.6% compared to this year, and revenues 
will also see a slight 2.6% bump, as well. 
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Are you looking to learn more about data center 
or IT topics? Network with some of your peers? 

Consider joining a group of data center 
professionals. If you have an event you'd like 
listed, please send an email to 
feedback® processor.com. 
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AITP Garden State 
Dec. 8 

www.aitp.org/organization/chapters 
/chapterhome.jsp?chapter=21 



AITP Washington, D.C. 
Dec. 8, 6:30 p.m. 
Alfio's Restaurant 
4515Willard Ave. 
Chevy Chase, Md. 
aitpwashdc.ning.com 

ISSA New England 

Dec. 8 
www.issa-ne.org 



PASS Wisconsin SQL 
Server User Group 
Dec. 8 
Green Bay, Wis. 
wisconsin.sqlpass.org 



AFCOM Central Ohio 
Dec. 9, 11:30 a.m. 
Columbus, Ohio 
www.afcomcentralohio.org 



AFCOM Greater Philadelphia, 
New Jersey, and Delaware 

Dec. 10 
www.afcommidlantic.com 



Arizona Technical 
Council 
Dec. 10 
Phoenix, Ariz. 
www.aztechcouncil.org 



Boston Society for 
Information Management 
Dec. 10 

www.simnet.org/Chapters/Northeast 
/Boston/tabid/78/Default.aspx 



SQL Server Society Of Las Vegas 
Dec. 10, 6 p.m. 
Henderson, Nev. 
sssolv.com 

AITP Pittsburgh 
Dec. 14, 6 p.m. 
Sokol Club-Southside 
2912 E. Carson St. 

Pittsburgh, Pa. 
www.aitp-pgh.org 



ISSA St. Louis Chapter 
Dec. 15 
St. Louis, Mo. 
stl.issa.org 



Oklahoma City AITP 
Chapter 
Dec. 15 
Oklahoma City, Okla. 
www.aitp.org/organization/chapters 
/chapterhome.jsp?chapter=40 



AITP Northeastern 
Wisconsin Chapter 
Dec. 16, 4:15 p.m. 
Holiday Inn Select 
150 S. Nicolet Road 
Appleton, Wis. 
new.aitp.org 



ISSA New Jersey 
Dec. 16 
nj.issa.org 



ISSA Oklahoma City 

Dec. 16 
Spaghetti Warehouse 
101 E. Sheridan Ave. 
Oklahoma City, Okla. 
www.issa-okc.org 



AITP Greater Boston 

Dec. 17 
www.bostonaitp.org 



AITP Omaha 
Dec. 17, 5:30 p.m. 

Seraph Corp. 

Omaha, Neb. 
www.aitpomaha.org 



For more Upcoming IT Events, see page 10. 
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The Processor Product Releases section 
includes brief overviews of data center products. 

All products listed have been released recently, so use this section to get 
up-to-date with what's new on the market and to find products you need. 



Manufacturers: 

Do you have a new product that data center/IT 
managers would be interested in learning about? 

Send your press release or product information 
to press@processor.com. 



Clients 



■ Attachmate FileXpress 

Attachmate introduced Attachmate File- 
Xpress, a family of products designed for 
the MFT (managed file transfer) industry. 
The products also assist users with deliver- 
ing large files electronically with any plat- 
form or program. Secure file exchanges 
over the Web are made possible with 
FileXpress as well as B2B integration with 
partners, vendors, suppliers, and customers. 
This is all made possible thanks to File- 
Xpress' tough data security regulations 
through strong encryption, authentication, 
auditing, and role-based administration 
functionalities. FileXpress also enables 
users to move files within the data center 
using the infrastructure that supports sever- 
al platforms, such as Windows, Unix, 
Linux, and IBM z/OS. 

■ EMC My Documentum 

EMC released its My Documentum fami- 
ly of products, which lets users access 
EMC Documentum enterprise content man- 
agement features from Microsoft Outlook, 
Microsoft Windows Explorer, and Mi- 
crosoft SharePoint applications. EMC My 
Documentum for Outlook lets users orga- 
nize, archive, locate, and manage critical 
emails and attachments in the Documentum 
repository. EMC My Documentum for 
SharePoint lets users access content that is 
being managed within a Documentum 
repository through the SharePoint user 
interface. EMC My Documentum for 
Desktop lets users access, save, share, and 



EMC 



secure content in the Documentum reposi- 
tory through Windows Explorer, Apple 
Macintosh Finder, and Microsoft Office 
applications. EMC My Documentum 
Offline is a utility that lets mobile workers 
access the latest versions of content and 
edit, add to, delete, and subscribe to it 
while offline and then sync all updates 
upon reconnecting. 

■ Kyocera Mita America & API Cryptek MFP 
Authentication & Security Solution 

Kyocera Mita America and API Cryptek 
announced that certain Kyocera MFPs now 
offer complete device locking security abil- 
ities via API Cryptek' s Netgard MFD card 
reader appliance. The move means that 
users who want to access such functions as 
copy, scan, email, and fax chores will need 
to authenticate their U.S. Department of 
Defense-issued CAC/PIV Card (Common 
Access Card/Personal Identity Verification) 
and PIN before using the Netgard MFD. 
The ability prevents unauthorized users 
from obtaining privileged materials or 
accessing network resources. Among other 
things, the Netgard MFD supports the 
Homeland Security Presidential Directive, 
which is a mandate for federal agencies to 
implement enhanced security measures to 
safeguard network-enabled devices. 

■ Lenovo Thinl<Centre A70z, A58e 

Lenovo has added its first all-in-one 
desktop to its ThinkCentre enterprise desk- 
top lineup with the ThinkCentre A70z, 
which Lenovo says saves 70% more space 
vs. standard desktops. Aimed at SMEs and 



large corporations, the A70z (starts at 
$499) ships with Windows 7, a 19-inch 
touchscreen widescreen monitor, a DVD 
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burner, six USB ports, two speakers, up to 
500GB of storage, a choice of Intel Core 2 
Duo on through Celeron dual-core proces- 
sors, and optional Wi-Fi and Web cam. 
Lenovo also released the full tower 
ThinkCentre A58e (starts at $349), which 
includes an Intel Core 2 Duo or Celeron 
CPU, Windows 7, up to 320GB of storage, 
up to 2GB of RAM, and a DVD burner. 
Lenovo says by implementing its Power 
Manager, enterprises can save up to 69% 
on power annually on the A58e. 

■ Motorola MC3100 Series 

Motorola released a series of mobile 
computers under the MC3100 product line 
that it says provides industry-leading data 
capture options, enterprise-class motion 
sensing abilities, and the most versatile 
form factor for midrange mobile comput- 
ing available. Beyond offering enterprise 
mobile users one cost-effective product 




for converged voice and data communica- 
tions. Motorola says the MC3100 uses 
the ergonomic, lightweight, and rugged 
design of the MC3000 series. The 
MC3100 series is designed for key-based 
and touchscreen applications and is aimed 
at helping retailers, government agencies, 
and distribution centers streamline busi- 
ness processes, improve productivity, and 
improve customer service and satisfac- 
tion. Among the MC3100 series features 
are the use of Motorola's MAX sensor 
motion-sensing applications, the new 
Mobility Platform Architecture 2.0, MAX 
Secure wireless security, and the Mobility 
Services Platform. 

■ Smith Micro Software Stuff It Deluxe 2010 
For Windows 

Smith Micro Software released Stuffit 
Deluxe 2010 for Windows. The 2010 ver- 
sion includes Stuffit Connect, a cloud- 
based file transfer service that lets users 
share large files without the hassle of email 
attachments or FTP. Stuffit Deluxe 2010 
includes compression methods for image 
files, audio files, PDFs, and Microsoft 
Office documents. Stuffit Deluxe 2010 



STUFFIT 



■ Compress. Secure. Send 
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automatically redirects large files to the 
new Stuffit Connect Web service. Recipi- 
ents receive invitations via email that con- 
tain a link to the hosted file, letting them 
download the shared files quickly and easi- 
ly. Stuffit Connect protects files with 512- 
bit RC4 encryption technology and offers 
the ability to protect download links with 
password access. 

■ Sun Microsystems Sun Ray Software 5 

Sun Microsystems released Sun Ray 
Software 5, which is designed to improve 
the virtual desktop experience and help 
increase data center efficiency. Sun Ray 
Software 5 can deliver a virtual Windows, 
Linux, or Solaris OS desktop to most any 
client device, including Windows PCs and 
Sun Ray thin clients. Version 5 includes the 
Sun Desktop Access Client, which provides 
end users with the flexibility to utilize their 
existing Windows laptops or desktop PCs 
(as an alternative to Sun Ray thin clients) to 
access data and applications in a central- 
ized virtual desktop environment. Sun Ray 
Software 5 also features improved Adobe 
Flash performance, enabling customers to 
experience accelerated Adobe Flash con- 
tent with synchronized audio and video on 
Sun Ray thin clients and Sun Desktop 
Access Client-enabled PCs. 

■ Wyse Technology VMware View 4 & PColP 
Support, Wyse P20 

Wyse Technology announced solutions 
that will support VMware View 4 and its 
PCoIP (PC-over-IP) display protocol. Wyse 
is offering support for PCoIP in its existing 
thin client devices, new devices, and a new 
zero chent— the Wyse P20. The Wyse P20 
is designed to bring the premiere PCoIP 
experience to virtualization users, whether 
operating from a data center, private cloud, 
or public cloud. Wyse is launching support 
for VMware View 4 with integrated sup- 
port for PCoIP across its line of existing 
thin clients, including immediate support 
for Wyse thin clients based on Microsoft 
Windows XP Embedded and Windows 
Embedded Standard. Wyse will also soon 
support PCoIP on its line of Linux and seg- 
ment-leading Wyse ThinOS clients. 



Messaging & Telephony 



■ Intermedia Hosted Exchange 2010 Service 

Intermedia announced it is offering the 
first hosted Exchange 2010 service, which 
adds BlackBerry support and free migration 
from legacy versions of Exchange. The 
hosted service is available to direct cus- 
tomers and affiliates. Features include an 
infrastructure capable of including four 
data centers and secured email and speed 
routing. Users of the hosted service also 
have full control over the Exchange envi- 
ronment, which allows them to delegate 
complex Exchange administration to non- 
technical staff. Intermedia also boasts an 



average hold time of 40 seconds or less for 
technical support. 



Networking & VPN 



■ Airl\/lagnet Planner For 802.1 1 n 

AirMagnet announced AirMagnet Plan- 
ner for 802. lln, a program introduced to 
help enterprises build an 802. lln Wi-Fi 
network. The solution helps network pro- 
fessionals through critical stages, including 
the migration process, WLAN perfor- 
mance, and deployment validation. Air- 
Magnet Planner for 802. lln helps network 
professionals by providing a clear migra- 
tion plan, along with automatic migration 
guidance for current legacy networks. It 
simulates WLAN performance before 
implementation so users can view cover- 
age maps, including Operating mode, 
Channel width, and Maximum Transmit 
MCS rate. Because AirMagnet Planner is 
built into AirMagnet Survey PRO, users 
are able to validate results from the pre- 
dictions rather than the actual results after 
the deployment. 

■ Berl<eley Varitronics Systems Yellowjacket 
b/a/n/g Tablet Analyzer 

BVS (Berkeley Varitronics Systems) 
announced it has updated its Yellowjacket 
b/a/n/g Tablet Analyzer for 802. lln Wi-Fi 
networks following the recent ratification 
of the 802. lln wireless specification. The 
company says the Yellowjacket b/a/n/g 
Tablet Analyzer, as well as its Swarm map- 
ping software, is able to provide compre- 
hensive Wi-Fi measurements, thus making 
it a single tool that IT managers and securi- 
ty personnel can use for such purposes. 

■ Crescendo Networks AppBeat DC CN-7790 

Crescendo Networks released its App- 
Beat DC CN-7790 application delivery 
controller. The controller is designed for 
large Web businesses and hosting providers 
and performs at lOGbps thanks to a propri- 
etary hardware foundation aimed at elimi- 
nating performance degradation and re- 
source conflicts. The lOGbps throughput 
includes continual 6Gbps compression and 
4Gbps SSL throughput, a 70% enhance- 
ment in Web site response times, an up to 
50% reduction in server requirements, an 
85% reduction in bandwidth usage, and a 
30% cut in energy consumption. Crescendo 
says the AppBeat' s platform benefits from 
using a massive parallel processing array 
that provides separate resources for each 
feature, making it possible to offload repet- 
itive tasks to deliver applications quickly. 

■ EMC VMware View 4 Supporting Products 

EMC introduced several products de- 
signed to leverage the power of VMware' s 
recently announced VMware View 4 desk- 
top virtualization solution to deliver a com- 
plete desktop as a managed service solu- 
tion. EMC Storage Infrastructure for 
VMware View lets users deploy hosted vir- 
tual desktops that are more efficient, less 
expensive to maintain, and offer better 
availability than traditional desktops. The 
RSA Solution for VMware View works 
with VMware' s offering to deliver better 
management and more secure virtualized 
desktops. RSA SecurBook for VMware 
View provides detailed guidance for 
deploying and administering key security 
controls in hosted virtual desktop environ- 
ments. EMC also announced new VMware 
View 4 and EMC Virtual Desktop Infra- 
structure consulting services. 
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■ Fujitsu Frontech XG2600 

Fujitsu Frontech unveiled the latest addi- 
tion to its family of XG Layer 2 Ethernet net- 
working switching solutions, the XG2600. A 
lOGbps Ethernet switch for storage and HPC 
uses, the XG2600's 26 ports use less than 
5W each, a power savings of greater than 
30%, Fujitsu Frontech says. It uses SFP+ 
optical modules and can be used with SFP+ 
twinax copper cables, and it comes in 
a space-saving lU module. The company 
says that the XG2600 offers extremely 
low latency, outstanding throughput, and 
high reliability. 

■ ManageEngine Applications l\/lanager 9 

ManageEngine announced Manage- 
Engine Applications Manager 9. This ap- 
plication performance and availability 
monitoring program now includes the 
Oracle E-Business Suite Monitoring and 
the AS 400/iSeries Monitoring to provide 
users with enhanced visibility and more 
control over data center infrastructure. 
ManageEngine Applications Manager 9 
also monitors hardware and software asso- 
ciated with the performance and availabili- 
ty of applications, which includes servers, 
databases, Web services, and middleware. 
Additionally, it features customizable man- 
agement dashboards and Business Service 
Management views. 

■ Net Optics iBypass HD & iLinl< Agg 

Net Optics announced two products: the 
iBypass HD and the iLink Agg. The 
iBypass HD is a high-density security 
bypass switch that supports two to eight 
network segments, with each segment oper- 
ating independently to ensure link protec- 
tion. The switch also includes Net Optics' 
Heartbeat technology, which monitors the 
health of the attached in-line monitoring 
device. The iLink Agg is a 1Gb link aggre- 
gator with high port density designed for 
monitoring applications. With the iLink 
Agg, enterprises apply a pool of monitoring 
tools to as many as eight network links or 
16 Span ports. 

■ nPulse Networl< Systems HammerHead 
lOGbps Capture & Replay 

nPulse Network Systems released the 
HammerHead lOGbps Capture and Replay 
system, which is based on the Napatech 
NT20E 2 X lOGbps In-line adapter. nPulse 
calls HammerHead the first traffic-testing 
product that affordably offers full line-rate 
lOGbps packet capture, record-to-disk, and 
replay abilities. nPulse says HammerHead 
can provide lOGbps test performance at less 
cost than proprietary alternatives by match- 
ing Napatech' s standards-based network 
adapter technology with off-the-shelf multi- 
core server hardware and advanced software 
tools created in a Linux environment. The 




Napatech In-line adapter accelerates net- 
working monitoring system performance 
via a combination of real-time line-rate 
20Gbps packet capture and numerous fea- 
tures designed to offload server CPU 
resources, including nanosecond time- 
stamping, port merging, packet decoding, 
on-the-fly filtering, deduplication, and flow 
identification with intelligent distribution of 
flows up to 32 processor cores. 



■ Oracle GoldenGate 

Oracle unveiled GoldenGate, which is a 
fast real-time data integration and bulk data 
transformation platform that delivers reli- 
able data, instant business intelligence, 
higher online transaction processing perfor- 
mance, and 24/7 continuous data availabili- 
ty for mission-critical systems. Oracle 

GoldenGate supports multidirectional data 
synchronization for distributed systems; 
zero downtime system upgrades; disaster 
recovery; and migrations between hetero- 
geneous databases, OS platforms, and 
servers. Oracle also announced the Gol- 
denGate Veridata utility and Oracle Man- 
agement Pack for Oracle GoldenGate, 
which identify and report on data discrep- 
ancies between heterogeneous databases 
and let users easily manage Oracle 
GoldenGate deployments across the enter- 
prise, respectively. 

■ Radware Alteon 5412 

Radware announced its Alteon 5412 
application delivery platform, which is 
designed to meet the network and applica- 
tion needs of enterprises. The Alteon 5412 
helps enterprises reduce capital expendi- 
tures and capacity planning risks and elimi- 
nate application delivery overspending with 
a "pay-as-you-grow" model. It offers 
response times up to 20Gbps of application 
switching throughput capacity and up to 
340,000 Layer 4 transactions per second. 
The Alteon 5412 also features four 10 
Gigabit Ethernet ports and 12 GbE ports. 

■ ZyXEL MWR222 Mobile Wireless Router 

ZyXEL announced the release of its 
mobile wireless router, the MWR222. The 
mobile router enables users to access the 
Internet no matter where they are. The 
router is compatible with 802.1 In Wi-Fi 
products and has 3G/4G connectivity and a 
rechargeable battery backup that can last 
more than two hours. Other features 
include dual Ethernet and dual USB ports, 
a WPS button for easy wireless security 
setup, and other security provisions in- 
cluding WPA/WPA2 and a subscription 
to OpenDNS. 



Physical Infrastructure 



■ Eaton Pow-R-Flex 

Eaton announced the availability of its 
Pow-R-Flex low-ampere bus way. Pow-R- 
Flex provides enterprises with flexible 
power distribution where quick adaptation 
is needed, such as in data centers, labs, 
machining shops, and manufacturing facili- 
ties. The Pow-R-Flex has an aluminum 
housing, a shutter mechanism, and safe 
plug-in outlets, and it can be fitted with 
receptacles up to 60 amperes and 480 volts. 



Security 



■ Activecrypt Software DBDefence 

Activecrypt Software released DB- 
Defence, software designed to strengthen 
the protection for Microsoft SQL Server 
users through transparent database encryp- 
tion. It also has the ability to hide the 
database schema from users who are not 
authorized. Users with DBDefence can 
encrypt their databases to keep out hackers 
and competitors, preventing them from 
gaining access to information stored inside 
the databases. Easy database pickup is also 
an advantage of DBDefence because it 
automatically secures the database through 
encryption whenever a database is backed 



up; therefore, users don't need to purchase 
additional security software for back- 
up purposes. 

■ Beta Systems Software SAM Enterprise 
Identity Manager 

Beta Systems Software launched the next 
generation of SAM Enterprise Identity 
Manager, which is designed to plot a 
course between current business processes 
and organizational workflows with Identity 
Access Management. Approval processes 
through SAM are designed to be more effi- 
cient and transparent, and users are able to 
impose deputy rules while also bettering 
user performance. The help desk task load 
has been cut down to help save money, and 
companies are able to automate lifecycle 
management of IT user roles, identities, 
and access rights. SAM manages conflicts 
by offering comprehensive options for miti- 
gating conflicts stemming from security- 
relevant business processes. 

■ Cyber- Ark Software Privileged Identity 
Management Suite Version 6 

Cyber-Ark Software announced the 
sixth version of the Privileged Identity 
Management Suite. For SAPM (shared- 
account/software-account password man- 
agement) and SUPM (superuser privilege 
management), the latest version of the 
Privileged Identity Management Suite push- 
es a unified approach that focuses on policy. 
Version 6 includes automatic privileged 
account detection, which uses Cyber-Ark' s 
distributed architecture to abide by critical 
audit and compliance processes linked to 
SAS 70, PCI, HIPAA, and Sarbanes-Oxley. 
Users won't need to implement SUPM and 
SAPM individually with version 6. 

■ Lantronix ManageLinx 2.0 

Lantronix released version 2.0 of its 
ManageLinx software, which the company 
describes as providing access to firewall- 
protected devices via the Internet. The soft- 
ware uses Lantronix' s VDN (Virtual 
Device Network) technology to let users 
create VIP (Virtual IP) connections 
between two Internet points without the 
need to change network configurations or 
application software, thus ensuring access 
to only predetermined devices. Version 2.0 
lets administrators configure multiple 
devices via a command line interface, while 
automated backup and recovery features 
are aimed at reducing staff hours and relat- 
ed expenses. In addition to monitoring 
equipment, ManageLinx also lets service 
providers remotely diagnose problems and 
repair services. ManageLinx also integrates 
with DeviceLinx and SecureLinx. 

■ M86 Security MailMarshal SMTP 6.7 

M86 Security announced the availability 
of its cloud-based malware protection solu- 
tion, MailMarshal SMTP 6.7. The package 
includes IP Reputation, which accurately 
rejects spam messages before they reach a 
company's email gateway; the Blended 
Threat Module, which blocks emails that 
contain malicious links; and the Spam- 
BotCensor, which accurately identifies 
spam messages sent by known botnets. 

■ Oracle Audit Vault Release 10.2.3.2 

Oracle introduced the latest version of its 
Audit Vault, which is designed to secure 
enterprise databases and address regulatory 
requirements. Oracle Audit Vault Release 
10.2.3.2 features report scheduling, notifi- 
cation, attestation, and archiving capabili- 
ties that let users more easily comply with 
internal and external data privacy and pro- 
tection mandates. Other features include 
entitlement reports; automated cleanup of 
audit trail data from supported Oracle and 
non-Oracle databases; and compliance 



reports for Sarbanes-Oxley, the Health 
Insurance Portability and Accountability 
Act, and Payment Card Industry Data 
Security Standard regulations. 

■ Saint 7.2 

Saint released Saint 7.2, the latest version 
of its vulnerability scanning and penetra- 
tion testing solution. Version 7.2 includes 
OVAL functionality, which allows users to 
import security-related checks by compli- 
ance, patch, and vulnerability, and it meets 
SCAP requirements. Saint 7.2 also fea- 
tures a new form-based authentication for 
Web applications. 

■ Vasco Data Security Multi-application 
Security Model 

Vasco Data Security announced its multi- 
application security model. The model is 
designed to give enterprises access to mul- 
tiple applications with only one DIGIPASS 
hardware or software credential. The secu- 
rity model will provide enterprises with 
high-quality security, flexibility, and 
compliance with corporate or govern- 
ment standards. 

■ WatchGuard Technologies XCS 770, 970 
&1170 

WatchGuard Technologies announced 
the availability of the XCS series of high- 
performance messaging and content securi- 
ty appliances, designed specifically for 
midsized enterprises. The series includes 

@)atchGuard" 

the 770, 970, and 1170 models, which all 
include an antispam engine that examines 
sender information and content such as 
images, attachments, and embedded URLs. 
Pricing for the XCS series is $8,500 for the 
770, $40,000 for the 970, and $60,000 for 
the 1170. 



Services 



■ EMC Data Warehouse Services, EMC 
Business Intelligence For Infrastructure 
Service & EMC Contact Center Services 
& Solutions 

EMC launched its expanded services and 
solutions for Microsoft business intelli- 
gence, data warehouse, and mission-critical 
SQL Server environments, designed to 
enable organizations to make more 
informed decisions, reduce costs, and 
increase security and productivity. The 
EMC Data Warehouse Services offering 
lets users collect, consolidate, and organize 
the business-critical data that is required for 
business intelligence and pervasive ana- 
lytics. EMC Business Intelligence for 
Infrastructure Service provides users with 
real-time insight into the infrastructure that 
runs the business. The EMC Contact Center 
Services and Solutions offering lets users 
optimize contact center performance; 
improve processes, real-time visibility, and 
decision making; and increase productivity. 

■ HP Neoview Advantage, HP Converged 
Infrastructure Architecture & HP Converged 
Infrastructure Consulting Services 

HP released several products, includ- 
ing HP Neoview Advantage, HP Con- 
verged Infrastructure architecture, and HP 
Converged Infrastructure Consulting 
Services. HP Neoview Advantage is an 
enterprise data warehouse platform that 
supports real-time insight and decision 
making and lets customers make adjust- 
ments as needed. HP Converged Infra- 
structure architecture helps users to focus 
more of the budget on innovation rather 
Go to Page 6 
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Continued from Page 5 
than maintenance. The company says HP 
Converged Infrastructure Consulting 
Services help users quickly and seamlessly 




transition from isolated product-centric 
technologies to flexible converged infra- 
structure. All of HP's services enable cus- 
tomers to design, test, and implement high- 
ly scalable infrastructures. 

■ IBM Sustainable Asset Analytics 

IBM introduced its Sustainable Asset 
Analytics consulting service designed to 
enable users to manage real estate, supplier 
performance, carbon data collection and 
analysis, asset lifecycle maintenance, and 
all associated business processes and 
systems. Sustainable Asset Analytics covers 




property carbon footprinting, property car- 
bon audit, travel carbon footprinting, pro- 
ject-based travel tracking and analysis, 
workplace transformation, consolidated 
real-time property-related data reporting, 
product and service lifecycle carbon analy- 
sis, and data center management. 



Storage 



■ Addonics Mini NAS 

Addonics released the Mini NAS (start- 
ing at $69), a portable network storage 
enclosure that includes an Ethernet 
10/1 00Mbps connection and the ability to 
install any 2. 5 -inch SATA hard drive or 
SSD and make it sharable instantly over 
any LAN. USB printers can be shared via 
the LAN simultaneously after attaching it 
to the Mini NAS. Roughly the size of a 




VHS tape and weighing less than a pound, 
the Mini NAS supports SMB (Server 
Message Block) and open-source Samba 
network protocols. FTP access for up to 
eight users operating globally via a Web 
console is also available via Internet con- 
nections. BitTorrent and iTunes media 
server abilities are also supported. Other 
features include the ability to set the Mini 
NAS as a DHCP server or client. 

■ DSI DSI9303-D VTL & DSI9983-S96 
Enterprise Edition 

DSI (Dynamic Solutions International) 
announced the DSI9303-D VTL and 
DSI9983-S96 Enterprise Edition, featuring 
integrated data deduplication rates of 10 to 
1 that result in a decreased storage footprint 
of more than 90%. The DSI9303-D is a 
VTL for iSCSI/IP or EC SANs. DSI says 
the DSI9983-S96 Enterprise Edition fea- 
tures support for one-to-one and many-to- 
one replication configurations, enabl- 
ing tape infrastructure consolidation at 
a centralized data site. By deploying 



standalone DSI9303-D remote office/branch 
office all-in-one servers at each site, remote 
location virtual tapes are replicated to the 
data center via WAN. The DSI9983-S96 
then aggregates the data in a clustered reposi- 
tory at the data center. The two systems rep- 
resent a DSI partnership with EalconStor. 

■ EMC Avamar 5.0 

EMC introduced the latest version of 
EMC Avamar, which is a deduplication 
backup platform for enterprises of all sizes. 
EMC Avamar 5.0 ships with enhanced 
backup capabilities for desktop and laptop 
computers, enabling users to secure data 
from the edge of the network to the data 
center with a single solution. Other features 
include new lightweight clients for Mi- 
crosoft Windows and Mac, an easy-to-use 
interface for backups and restores, and 
powerful tools for administrators. EMC 
Avamar employs a capacity-based licens- 
ing model, which lets users add capacity 
when needed without paying a per-user fee. 
EMC also increased Avamar backup capac- 
ity by more than 60% and added new dedu- 
plicated export to tape functionality. 

■ Hitachi Data Systems Dynamic Replicator 

Hitachi Data Systems, together with 
InMage Systems, launched the Hitachi 
Dynamic Replicator, which is a software 
platform that is ideally suited to the disaster 
recovery demands of midrange customers. 
Designed for heterogeneous data storage 
environments, Hitachi Dynamic Replicator 
also caters to specific application environ- 
ments. The Hitachi Dynamic Replicator 
features network optimization and automat- 
ed management capabilities. When used in 
conjunction with existing midrange storage 
systems, the offering represents a compre- 
hensive replication-based platform. 

■ Iron Mountain Accutrac 

Iron Mountain announced it has en- 
hanced its Accutrac records management 
program so organizations can better track, 
control, and apply consistent retention poli- 
cies to their records. Its new Web interface 
lets customers order remote records, pick 
them up, and make other transactions. 
Through a records retention and hold work- 
flow system, the enhanced program also 
provides improved compliance and litiga- 
tion readiness. This lets users obtain clear 
and detailed audit trails. It offers more 
comprehensive searching, tighter security, 
and increased flexibility for customization. 
Iron Mountain joined with IBM InfoSphere 
Enterprise Records so users could have just 
one place to view and control both elec- 
tronic and physical data. 

■ Mimosa Systems NearPoint 
For Exchange 2010 

Mimosa Systems announced that its 
NearPoint product will deliver support for 
Microsoft Exchange Server 2010. Near- 
Point for Exchange 2010 will offer com- 
panies a comprehensive organizational 
archive with single-instance storage, reten- 
tion, and e-discovery; an integrated appli- 
cation to manage workloads across the 
information life cycle; and access to 
archived content, even when offline. 

■ Open-E DSS V6 

Open-E announced the latest version of 
its Open-E IP storage management soft- 
ware. Open-E DSS V6 includes features 
such as via script (API) executable snap- 
shots, allowing users to have periodic snap- 
shots from consistent databases at the vol- 
ume level, the company says. Open-E DSS 
V6, installable on any bootable medium 
(such as internal hard drives, RAID arrays, 
USB, or SATA), can be downloaded from 
the Open-E Web site. The latest release 



also includes an extension of the tape man- 
agement utility that includes barcode sup- 
port and tape magazine management. It's a 
free update for existing Version 6 users; a 
free trial is also available. 

■ QLogic QEM3572 ExpressModule 

QLogic announced the QEM3572, an 
8Gb Fibre Channel/1 Gb Ethernet Express- 
Module for Sun Microsystems' Sun Blade 
6000 systems. The Sun Blade 6000 system 

QLOGIC 

The Ultimate in Performance 

is designed to support capable server blades 
based on UltraSPARC, Intel Xeon, and 
AMD Opteron processors in the Solaris 
Operating System, Windows, Linux, and 
VMware environments. 

■ Quantum Scalar 140 & 180 

Quantum announced the addition of the 
Scalar 140 and 180 tape libraries to its 
Scalar ILayer tape automation portfolio. 
The Scalar series is designed to provide 
SMEs and distributed data centers with 
more storage capacity as well as room for 
growth and simplified system management. 
The 140 can accommodate various data 
storage needs by scaling from 25 slots up to 
40 slots through capacity-on-demand soft- 
ware licensing and features up to five 
import/export slots. The 180 scales from 
50 slots up to 80 slots and has up to 10 
import/export slots. 

■ RAID Xanadu 230, 220 

RAID announced the latest addition to its 
Xanadu 200 series, what it calls the world's 
largest monolithic storage system, the 
Xanadu 230. It can support more than 
2,700 hard drives in SSD, EC, and SATA, 
the company says. The Xanadu 220 uses 




120Gbps QDR InfiniBand and supports 
1,000 drives. Other features of the HPC- 
capable Xanadu 200 series include Intel 
"Nehalem" controller processors, MAID, 
parity check on read, dynamic expansion, 
and native encryption. 

■ Sherpa Software PST Backup Attender 

Sherpa Software announced PST Back- 
up Attender, which is an archiving solu- 
tion that runs on individual desktops and 
allows users to quickly back up PST files 



to a central storage location on the network. 
The solution's features include customized 
backup locations, the ability to back up PST 
files even when they're in use, and the abili- 
ty to synchronize only changes made since 
the last backup. 

■ Sonasoft SonaRAMBO 

Sonasoft released SonaRAMBO, which 
it says is the industry's first fully integrat- 
ed replication, archiving, migration, and 
backup suite. The SonaRAMBO bundled 
offering includes elements from the com- 
pany' s SonaExchange and SonaVault 
products. SonaExchange features include 
the backup and recovery of exchange 
information stores, email recovery, prima- 
ry Exchange Server replication, and 
Exchange Server migration. SonaVault 
offers storage management, continuous 
email archiving, secure and guaranteed 
archiving, and regulatory compliance 
requirements. The bundled price is $7,777 
for up to 250 mailboxes. 

■ Spectra Logic Spectra T-Finity 

Spectra Logic announced the Spectra T- 
Finity, a tape library that gives enterprises 
high efficiency at a low cost, saving them 
up to 30% on initial investments and 15 to 
20% on annual operational expenses. The 
fast, high-availability (99.99%) system 
can scale to more than 45 petabytes 
per library and 180 petabytes in total. 




Targeted for data-intensive environments, 
the T-Finity offers support for LTO open 
tape technology and IBM System Storage 
TS1130 tape drives, letting customers 
select their tape option. 

■ StoneFly StoneFusion 6.3 

StoneFly announced StoneFusion 6.3, a 
virtualization-focused version of its intelli- 
gent network storage platform, which is 
integrated into all StoneFly IP SANs. 
StoneFusion provides block-level provi- 
sioning and centralized storage manage- 
ment, control, and monitoring of logical 
storage volumes. Key updates to version 
6.3 include compatibility with StoneFly' s 
new SCVM (Storage Concentrator Virtual 
Machine) that provides disaster recovery 
capabilities and enhanced support for lead- 
ing virtual machine guest operating sys- 
tems. Users will experience improved sys- 
tem management with Quick Sync and 
Pass-thru Copy features. Version 6.3 also 
adds UPS support for all IP SANs. 

■ Verity Systems V91 Max 

Verity Systems announced the V91 
Max, its hard drive degausser. The V91 
Max produces a 7,000 oersted electromag- 
netic gauss field that erases any informa- 
tion stored on a hard drive in about 20 sec- 
onds. The V91 Max can also remove data 
from DLT, SDLT, 3840, and LT04s. The 
V91 Max is compact, quiet, and manually 
operated. 



Do you have a new product 

that data center/IT managers would 
be interested in learning about? 

Send your press release or related product information 
to press@processor.com. 
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Powering Business Worldwide 



Eaton ePDU ' makes selecting Enclosure 
Power Distribution Units easy 

Uninterruptibifity from Eaton® isn't a new offering. 
It's an iron-clad promise, backed by a $13B global 
organization and a century-long heritage with power 
protection, distribution and nnanagernent expertise. 

Eaton's expanded ePDU® portfolio of power distribution 
units offers the broadest range on the nnarket. Making 
the right decisions from the start can make a difference 
in the dependability and efficiency of your infrastructure. 



Use our new product configuration wizard to search 
over 1,000 products for the perfect solution. Tailor your 
ePDU to include a wide range of voltages using various 
combinations of NEMA and lEC outlets and plugs. 

Visit the product wizard to meet your power distribution 
challenges and power through, 

www.epdu.com/prsnws 

(877) 785-4994 



Eaton and ePDU are trademarks of Eaton Corporation, ©200B Eaton Corporation. Alt ri;ghts reserved. 




Prepare For The Unexpected With Room Alert 



one knows when or how disaster will 
strike. We just know the p{>Lentia] is always there. 
So preparation is crucial to minimizing its impact 
on computers, networks, users & business. 

When disasters occur, there are significant 
costs in areas that go far beyond the sijnple 
replacement of damaged hardware. This is 
because what happens in the data center or other 
facility effects the entire oi^anizaticm. If disaster 
strikes your facility, how will it impact business? 
Who will get the blame? Could it have been 
prevented? What will it cost? 




Soliititms 
Start At $195 



Room Alert products can monitr^r: 

* Temperature • Smoke/ Fire 
■ Humidity 

* Heat Index 
' Main / UPS Power 

* Flood /Water 
' Room Entry, Motion 

* IP Network Camerae 



Air Flow 
Sound, Light 
Panic Buttons 
Dry Contacts 
Switch Sensors 
Wireless & More 



AVTFCH has a full line of powerful, scalable 
Room Alert solutions for real-time 
environtnent monitoring in a computer room, 
data center or otiier facility. All models 
arrive assembled with easy to install 
hardware, cables, sensors, easy-to-use 
logging & alerting software, printed 
documentation, unlimited technical support 
and a '30-Day Satisfaction Guarantee'. Users 
can typically install in under 10 minutes. 

Room Alert products monitor critical 
environment conditions like temperature, 
power, humidity, flood, smoke, room entry, 
air flow, motion and more, alei1 staff by any 
method and can take automatic corrective 
action. There is a model that is right for any 
organization and budget... yours too! 

Call or Visit Us Online Today 



2^AVTECH 



888.220.6700 • 401.628.1600 
AVTECH.com 



Protect Your IT Facility., 

AVI KCH \s\\\\z ivijrldiviJi; iL-aUcr uf \\ &. facililics cnvironnicnl i 



Don*t Wait Until It's Too LateV 

nltdririji iimdjcLs, Pjrchusi: oiiliin; ut fcii^ij:L?[i[iK'.[llMuujllJiXvt'iJU,^ fii;sL'!lt:r inquiries wck 



How Do You Measure the Energy 
Efficiency of Your Data Center? 



WEB BASED SPM INTERFACE 




E I Sentry Power Manager 

p > Enterprise Cabinet Power Mngl. 
|pj > Reports S Trends 

> Device Monitoring 
F > Groups Si Clusters 

> Kilowatt Readings for Billing 

> AutO'Discovery of Sentry CDUs 
: > Alarms 




PRIMARY ETHERNET PIPELINE 



WE0 BASED CDU INTERFACE 




Sentry: POPS Switched CDU 

With Device Monitoring 

> Rack Level Power Management 

> Outlet Power Monitoring (POPS) 

> Input Power Monitoring 

> Efwironmental Monitoring 

> Outlet Groups 

> Alarms 



With Sentry Power Manager™ (SPM) 
d Sentry POPS™ (Per Outlet Power Sensint 



CDU' 



Solutions for the Data Center 
Equipment Cabinet 



Server Technolosy 

tf 1.800.835.1515 www.servertech.com 
tel 1.775.284.2000 saSes@servertech.conn 



Page 8 



Processor.com 



December 4, 2009 



Data Lockdown 



Continued from Page 1 
because it doesn't provide end-to-end 
security. Instead, the email sitting in one 
user's inbox is stored in an unencrypted 
form on the machine or on the company's 
server. "This is why end-to-end email 
encryption services are the only types that 
should be considered," Cain says. 

That approach includes a cost-effective 
solution that provides ease of use, high 
security, and security policy management, 
he adds. For instance, some applications 
include a policy control that looks for 
security cues in an email and then makes a 
decision if the email should be encrypted 
before it' s delivered. 

Physical security is crucial, as well, 
Cain says. Although it seems obvious, 
making sure all servers are kept in a 
secure storage facility is an area that 
sometimes gets overlooked. "Of course, 
every network should also be secure at 
every possible point of dissemination for 
that data," he adds. 

The Human Factor 

Another major challenge is auditing 
administrative-level users. These individu- 
als are particularly important to track 
because they can create back-door logins 
and other configuration items and can 
cover their activities. 

For the administrative-level users, there 
should be strong password policies and 
also more focus on those few highly privi- 
leged users, notes Martin Ryan, vice presi- 
dent of sales and marketing at e-DMZ 
Security (www.e-dmzsecurity.com). 
"They have the access and knowledge to 
do the most damage," he says. "By focus- 
ing on those users that can do the most 



harm, you can free up budgets from 
unnecessary monitoring of users that can- 
not do major damage." 

That focus includes putting in stronger 
audit capability, he adds, and implement- 



needed, and even implementing automated 
access entitlement systems to connect data 
users with data owners — who can then 
place time limits on access, for example. 

Extra Measures 

Some industries will require even more 
security controls, such as healthcare and 
financial services, which are covered by 



Some industries will require even more 
security controls, such as healthcare 
and financial services, which are 
covered by regulatory mandates. 



ing individual account abilities so that an 
IT manager can see who logged in using 
the admin account password. An added 
security level is recording and monitoring 
access — essentially, doing session record- 
ing of everything so that there's a record 
of what's been done and by whom. 

Ryan notes that strong password change 
controls can be another security measure 
for improving the safety of customer and 
employee data. Some companies have 
found better protection, for example, by 
changing passwords each time after use 
for privileged accounts. 

Additionally, automation can be a boon 
for every strategy, notes Raphael Reich, 
senior director of marketing for data gover- 
nance solution provider Varonis Systems 
(www.varonis.com). Specifically, automa- 
tion can be used for such tasks as regularly 
collecting permissions and permissions 
changes, auditing data access, looking for 
indicators of when access is no longer 



regulatory mandates. At some level, 
though, many companies are affected by 
these rules, even if they aren't healthcare 
firms specifically. 



"Customer and employee data protec- 
tion is cross-industry with compliance 
requirements such as PCI and HIPAA, 
bringing added focus to those companies 
that process credit card transactions or 
deal with patient records," says Ryan. 
"[Sarbox], though a bit more generic in 
nature, drives compliance at some level to 
every public company." 

The good news is that compliance can 
sometimes drive better security at a com- 
pany, Cain adds. Although regulations can 
add pressure to already- strained budgets 
and mounting end-user requirements, 
many organizations may view them as an 
opportunity to improve systems and 
upgrade infrastructure to stay ahead. 

"The bottom line is that every organiza- 
tion should be managing data protection 
proactively and not waiting until some- 
thing bad happens to them or their indus- 
try," Reich says. "That is not a forward- 
thinking business strategy; it is a recipe for 
disaster. Good risk management means 
balancing risks, the likelihoods those risks 
will occur, and resultant costs." 



Top Challenge: Establishing Authorization 
Procedures 



In most instances, the meth- 
ods for safekeeping data 
itself involve physically lock- 
ing down the media, en- 
crypting files, and other 
strategies, but one area 
that's often overlooked is 
making sure that the individ- 
ual accessing the data has 
proper authorization, notes 
Simon Ford, international 
sales director at NCP 



Engineering (www.ncp-e 
.com). "Methods have to be 
implemented to ensure that 
only those individuals autho- 
rized to access certain data 
are who they say they are," 
he says. 

Fortunately, creating protec- 
tions doesn't require exten- 
sive policies or extra expen- 
ditures. Ford notes that it 



is usually of a matter of 
tweaking VPN controls, but it 
is also important to under- 
stand what individuals 
should be accessing. Talking 
with department managers 
and having a grasp of how 
data is handled in each com- 
pany area will give an IT 
manager a better sense of 
data flow and prevent inter- 
nal breaches. 



When Do You Need N+1? 



Key Points 



• Partner with the business to understand 
the mission criticality of all relevant hard- 
ware. Equipment whose failure doesn't 
flow to the bottom line typically does not 
need N+1 coverage. 

• Consider leveraging third-party providers 
for services that would be too expensive 
or complex to deploy in-house. 

• Negotiate with vendors to integrate per- 
formance thresholds into contracts and 
service-level agreements — and refunds if 
N+1 hardware is ultimately not used. 



Continued from Page 1 
company running only a single server and 
it goes down, you could be in big trouble." 

Jack Santos, CIO executive strategist 
with Burton Group (www.burtongroup 
.com), says IT needs to really understand 
how a given piece of equipment can fail 
and what vendor-provided service is 
already costing them. 

"This kind of economic analysis can 
often tell you whether it's worth just buy- 
ing the unit, having it on hand and being 
preassured that in the event of failure, it'll 
cost you less to replace than paying the 
vendor for that support," says Santos, who 
advises companies to also factor in 
employee availability and traffic. "How 
quickly you can get your guy in to make 
the switch is important, too. If there's lots 
of traffic and you go past your four- or 
eight-hour support window, you could be 
out of business by then." 

Nothing Is Free 

Although maintaining a fleet of spare 
parts for the server — or even an entire 
server itself — in inventory to hot swap in 
the event of an in-service failure is a 
tempting means of avoiding downtime, it 
doesn't come without costs of its own. 

"Although companies think that buying 
spares and keeping them onsite doesn't 
cost them anything, it does," says Gold. 
"There's an opportunity cost, a storage 
cost, and even a depreciation cost." 

Gold says organizations must under- 
stand the business impact of an outage 
before deciding if it's worth buying a 
spare. Only truly mission-critical equip- 
ment — which negatively and significantly 



impacts the business if it breaks and can't 
be repaired or replaced quickly — should 
qualify for N-h1. 

"If a printer goes down, you probably 
have another place to print," says Gold. 
"Some things just don't matter enough to 
justify buying a spare because an outage 
wouldn't affect your business." 

It's a sentiment echoed by Michael 
Terlizzi, executive vice president of oper- 
ations for Telx (www.telx.com), who 
says basic understanding of business 
needs should drive the N-i-1 decision. 
"Selecting the appropriate level of fault 
tolerance is truly dependent on the appli- 
cations being supported and the required 

The Internet Is 
Changing N+1 
Thinking 

Keeping hardware spares onsite is becom- 
ing less of an issue as Internet-accessible 
applications become more mainstream. As 
shops increasingly look to the cloud, redun- 
dancy and fault tolerance become as critical 
to uptime as parts availability and service 
turnaround times. 

"With the rise in Internet-accessible applica- 
tions, the real discussion has become just 
how redundant your system is, and whether 
you've really built it for true fault tolerance. 
You really want to build a system so that 
even when part does fail, it still operates," 
says Jack Santos, CIO executive strategist. 
Burton Group (www.burtongroup.com). 



availability of those applications and sys- 
tems," says Terlizzi, adding it may not 
always make sense to stock up locally. 
"The SMB may elect to add some redun- 
dant components to their infrastructure 
where economically practical, but should 
look to data center providers whose facil- 
ities are purpose-built to support avail- 
ability in excess of 99.9%." 

Focus On Vendors 

After settling on what data center com- 
ponents should be included in an N-h1 
strategy. Gold says IT should sharpen its 
pencil as it finalizes contracts with ven- 
dors. "Don't automatically assume that the 
vendor will tell you what you need to buy 
for spares, because they'll often try to sell 
you things you don't need," he says. "Do 
your own due diligence." 

Gold also recommends updating con- 
tracts to include clauses that provide for 
refunds on any N+1 equipment that isn't 
used within the contracted period. "If the 
vendor tells you that this is a wear compo- 
nent, and it doesn't wear out, then you're 
being sold something that you don't need," 
he says. "It may be difficult to get such a 
thing into the contract, but if you have 
leverage with your vendor, why not try?" 

Get Business On Board 

As organizations grapple with the costs 
of buying and storing additional hardware, 
they should also consider how these costs 
will flow through to the business. 

"The problem that many organizations 
have dug themselves into is that as costs 
are covered by the overall organization and 
not charged back to each business area, 
their customers have no idea about what 
something actually costs," says Bill Malik, 
a research director with Gartner. "If you 
want to be able to effectively recover the 



cost for high availability, then you'd better 
already be recovering the cost for the avail- 
ability you're already delivering." 

Raising the business areas' awareness 
of — and involvement in — cost recovery 
goes hand in hand with setting an appro- 
priate level of N+1 -related redundancy. 
"Overproduction is one of the cardinal 
sins of IT," says Malik. "If the customer 
needs 99% availability and you're deliver- 
ing 99.9%, that extra order of magnitude 
can increase costs by 50%. Understand the 
business case and tailor your strategy to fit 
that need." 

Malik also recommends ensuring N+1 
planning isn't limited solely to procure- 
ment and storage of spare hardware. IT 
and business staff must be properly trained 
to ensure the N+1 equipment can be effec- 
tively called upon when needed. 

"You have to get the proper operational 
procedures in place before you can even 
have a chance of doing a clean handoff 
from one active system to another," says 
Malik. "This applies whether you're 
recovering from an outage or a disaster, or 
only doing planned maintenance." 
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Wright Line Total Aisle 
Containment Solutions 



NEW product 



by Joanna Safford 



Manage Airflow & Improve Efficiency 



Optimizing data center airflow can 
be a challenge when you want to maintain 
both a reliable and efficient environment. 
An airflow management system that sepa- 
rates hot and cold air makes the most of 
infrastructure cooling capabilities, controls 
interior temperature fluctuations, and sus- 
tains an eco-friendly atmosphere. Wright 
Line's suite of airflow containment solu- 
tions addresses these issues. 

Wright Line's patented HCS (Heat 
Containment System) adapts to your cur- 
rent rack configuration and works to direct 
heat exhaust through a chimney attached 
to the top of the enclosure. The HCS is 
completely scalable and field-installable 
on Wright Line's Paramount and Vantage 
S2 enclosure systems as well as third- 
party server racks. Wright Line's HCS 
helps you save white space (no additional 
air conditioners or equipment is needed) 
and increase CRAC cooling efficiency. 

End-of-Row Doors block the escaping 
cold air and prevent hot air from recircu- 
lating, ensuring cold air reaches equip- 
ment. End-of-Row Doors are available in 
in two styles — cafe-style or single 
swing — and are rack-neutral. 

End-of-Row Curtains are also avail- 
able. They partially contain air within 
the aisle, increasing the life of IT equip- 
ment and decreasing energy costs. The 



curtains can be tailored to your infra- 
structure using vinyl or non- vinyl mate- 
rials such as Polysim 509. 

Wright Line's Aisle Containment 
Ceiling complements both End-of-Row 
Doors and End-of-Row Curtains. Made 
out of V-0 rated Lexan panels. Aisle 





Wright Line Total Aisle Containment Solutions 

A line of new products, including a Heat Containment 
System, End-of-Row Doors, End-of-Row Curtains, and 
Aisle Containment Ceilings. 

Containment Ceilings mount atop 
Paramount, Vantage, and third-party 
enclosures to increase energy efficiency 
and predictability and better regulate air- 
conditioning set points. The Aisle 
Containment Ceilings are compatible with 
varying rack heights, row spacing, and 
any physical building inconsistencies 
within the data center. 



TEMPERATURE@LERr 

USB TEMPERATURE MONITOR WITH EMAIL ALERTS 



W 



right 



Protect your IT equipment during 
your Holiday vacation. 

Tenaperature@lert Has You Covered! 

Out of the office this Holiday Season? Need to ensure your server room doesn't 
overheat? Temperature@lert will monitor your server room temperature and alert 
you before it's too late. 

Temperature@lert monitors the ambient temperature and alerts you via email when 
it rises or falls outside your acceptable range. The temperature sensor is accurate to 
within ±0.5°C and can report temperatures from -40°F to +200°F. The customizable 
alert message can be sent continuously or just once when an alert is triggered. Real- 
time graphing and XML support provide you with the tools you need to integrate 
temperature readings into Web sites and other third-party applications. 

USB Edition • $129.99 

Notifies you via email of changes in room temperature 

Connects to your PC via an available USB port, so it 
never needs new batteries or an AC power adapter 

Precalibrated sensor 

Runs on all Windows platforms 

Logs to TXT, temperature graph, event log, and XML 

Runs as a Windows service 

SNMP support 

Easy integration with IIS 

: Includes free software upgrades for one year 

Choose degrees Celsius or degrees Fahrenheit 

Support for SMTP authentication 

Free shipping 



I n e 



) 225-7348 
www.wrightline.com 




Check out our USB and Wireless Monitors at: www.temperaturealert.com • (866) 524-3540 
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ISSA Upstate SC 
Dec. 18, 11 a.m. 
NuVox 

301 N. Main St., Suite 5000 
Greenville, S.C. 
www.upstate-issa.org/index.htm 

- JANUARY - 

AITP Southwest Missouri 
Jan. 19 
Springfield, Mo. 
aitpspringfield.org 



ISSA St. Louis Chapter 
Jan. 19 
St. Louis, Mo. 
stl.issa.org 



Oklahoma City AITP Chapter 
Jan. 19 
Oklahoma City, Okla. 
www.aitp.org/organization/chapters 
/chapterhome.jsp?chapter=40 



AITP Northeastern 
Wisconsin Chapter 
Jan. 20, 4:15 p.m. 
Holiday Inn Select 
150 S. Nicolet Road 
Appleton, Wis. 
new.aitp.org 



AITP Atlanta 
Jan. 21, 5:30 p.m. 
Crowne Plaza Atlanta Perimeter NW 
6345 Powers Ferry Road NW 
Atlanta, Ga. 
www.aitpatlanta.org 



San Diego SQL Server User Group 
Jan. 21 
San Diego, Calif. 
www.sdsqlug.org 



ISSA Inland Empire 
Jan. 26 
ie.issa.org 



ISSA Baltimore 
Jan. 27, 4:30 p.m. 
Sparta Inc. 
7110 Samuel Morse Drive, Suite 200 
Columbia, Md. 
www.issa-balt.org 

AITP California Southland 

Jan. 27 
www.aitpcalsouthland.org 

- FEBRUARY - 

Green Data Center Conference 
Feb. 2 

University Of California San Diego 
San Diego Super Computer Center 
10100 Hopkins Drive 
San Diego, Calif. 
greendatacenterconference.com 



AFCOM St. Louis "Gateway" Chapter 
Feb. 9 

Schneider Electric Technology Center 
807 Corporate Centre Drive 
O'Fallon, Mo. 
www.afcom.com/afcomnew/stlouis.html 



AITP Southwest Missouri 
Feb. 16 
Springfield, Mo. 
aitpspringfield.org 



ISSA St. Louis Chapter 
Feb. 16 
St. Louis, Mo. 
stl.issa.org 



Oklahoma City AITP Chapter 
Feb. 16 
Oklahoma City, Okla. 
www.aitp.org/organization/chapters 
/chapterhome.jsp?chapter=40 



AITP Northeastern 
Wisconsin Chapter 
Feb. 17, 4:15 p.m. 
Holiday Inn Select 
150 S. Nicolet Road 
Appleton, Wis. 
new.aitp.org 



AITP Atlanta 
Feb. 18, 5:30 p.m. 
Crowne Plaza Atlanta Perimeter NW 
6345 Powers Ferry Road NW 
Atlanta, Ga. 
www.aitpatlanta.org 



COVER FOCUS 



Control IT 
Maintenance 



Costs 

Maintenance Is A Vital 
Expense, But It Doesn't 
Have To Break The Bank 



by Carmi Levy 

Everyone seems to know the approximate 
price of a new server or laptop. However, 
the costs of keeping that new hardware up 
and running — as well as maintaining the 
software that runs on it and the processes 
that surround them all — aren't as well 
understood. They should be: As the econo- 
my slowly emerges from the downturn, 
keeping IT maintenance costs in check 
can represent a major source of opera- 
tional cost savings. 

This is easier said than done, as 
unchecked additions to the technology 
environment can often leave IT — and the 
business areas it serves — with an overly 
complex patchwork of overlapping solu- 
tions that keep maintenance costs 
higher than they should be. 
According to Mike Rollings, 
research director of enterprise 
architecture at Burton Group, 
the solution is to simplify. 

"Once you implement 
something, it immediately 
becomes part of your envi- 
ronment that needs to be main 
tained," says Rollings. "The cost 
associated with keeping whatever it is run- 
ning is really associated with maintenance." 

So as companies begin looking at how to 
reduce maintenance costs. Rollings advises 




Key Points 



• Keep it simple. Connplexity drives cost, 
so reduce redundant systenns and 
nnove to connnnon platfornns to sinnplify 
the architecture. 

• Talk to the business. Let thenn deternnine 
which systenns need greater care and 
which ones can be reduced or elinninated. 

• Know when to outsource. Hand off tasks 
to third parties when internal resources lack 
the skill sets to do the work efficiently. 



them to first reduce the number of applica- 
tions and eliminate redundancies in the 
information environment. 

Talk To The Business 

As IT moves through the process of iden- 
tifying overlapping areas, it must remain 
tightly focused on business requirements. 

"You know you've got a problem when 
you feel constrained [or like] you no longer 
have the funds to do new things required 
by the business," says Rollings. "If you've 
reached this point and the organization 
doesn't have the ability to generate more 
capital expense dollars to cover it, really 
your only choice is to go back and deter- 
mine how you're going to get rid of some 
of your stuff." 



Although reining in IT maintenance costs 
isn't an easy process. Rollings says that this 
is as it should be. "This is all about dealing 
with your phantoms," he says. "If you reach 
a maintenance-related area you haven't felt 
comfortable discussing with the business, 
it's probably a sign that you need to have 
the difficult conversation. The fact is you 
don't manage your environment in the rear 
view mirror." 

Rollings concludes, "You need to closely 
assess what you need to do, challenge your- 
self to have some of those often difficult 
conversations, and tackle the real issues that 
are causing you and the business ongoing 
pain. Nothing is off the table." 

Setting & Sticking To Priorities 

Those conversations often involve under- 
standing what's important — and what isn't. 
"This stuff is all about setting priorities," 
says Jack Gold, president and principal ana- 
lyst of J.Gold Associates. "It's like paying 
bills. You have to decide what's most 
important to pay now and what can wait." 

Building out the priority list often 
involves deciding what makes the most 
sense to keep in-house and what can be 
reassigned to a third-party vendor. 

"You need to assess what resources from 
a skills perspective you have in your com- 
pany," says Gold. "Some things you may 
not be able to fix very efficiently. For exam- 
ple, something that breaks once every six 
years that no one knows anything about 
would probably take you hours to repair. A 
specialist would get it done in 15 minutes 



because he's probably done 100 of them 
this week." 

Gold recommends the following key 
steps to organizations looking to rein in 
their maintenance costs: 

Track costs on a per-item basis. Many 
organizations fail to do this, even at a basic 
level. Doing so can identify trouble spots 
before things get expensive. 

Study industry benchmarks. Although 
you may not be able to source specific fail- 
ure-related statistics for your particular serv- 
er or router, general numbers can give you a 
sense of where you stand. "If you're way off 
in left field, there's something wrong," says 
Gold. "Even if you're in right field, maybe 
there's something you're not tracking." 

Strengthen your vendor contracts. 
Include uptime and vendor response time 
commitments in all contracts and include 
compensation if these targets are not met. 

Consider implementing chargeback. 
Work with the business areas to have 
them — not IT — identify their highest-priori- 
ty items and then charge them or otherwise 
make the budget lines visible. "If there's a 
charge associated with the particular service 
you provide, they'll figure out very quickly 
what matters most to them," says Gold. 

Back Off, Carefully 

For some SMEs looking to cut the main- 
tenance-related bottom line, the answer may 
be to do nothing at all. Jack Santos, execu- 
tive strategist at Burton Group, cites one 
example of a large retailer that decided the 
expense of maintaining PCI compliance was 
simply too high. The compliance budget 
was so bloated that the company couldn't 
afford to invest in other discretionary initia- 
tives. Consequently, the organization decid- 
ed to stop all such maintenance and pay the 
fines — which amounted to less than the 
maintenance activities — instead. The 
savings were used to finance 
growth-focused IT initiatives. 

Although the organization 
later reversed its decision when 
high-profile data breaches like the 
one at TJX reinforced a new reality where 
not all costs were exclusively financial, 
Santos says the experience confirms that not 
all maintenance spending should be viewed 
in absolute terms, and all doors should be 
left open. 

Longer term. Gold says SMEs need to 
change their perceptions of maintenance to 
ensure their investments in technology help 
them continue to meet their business needs. 

"If you don't change your car's oil for 
150,000 miles, you'll almost certainly have 
problems with the engine," says Gold. 
"Companies have to get away from looking 
at maintenance purely as a cost structure. It's 
a basic component of doing business." E9 

1 

Top Challenge: 
Visibility 

You can't manage what you can't see. Many 
organizations pay to maintain hardware, soft- 
ware, and related assets without visibility into 
what those assets really are. This makes it 
hard to identify priority areas for improvement 
and hampers efforts to reduce maintenance 
costs. Jack Gold, president and principal ana- 
lyst of J.Gold Associates, says a simple track- 
ing application can work wonders. 

"It doesn't have to be a big deal, even a 
basic spreadsheet," says Gold. "If some- 
thing breaks, you want to know how long it 
took to repair, what you did to fix it, and 
what it cost. If you're not doing this, you'll 
never gain control over your costs." 
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DS-RPC Remote Site Management Series 




BayTech's DS-RPC Remote Management Series provides secure and 
reliable management for your network, servers, and console ports. 
The DS-RPC combines the powerful combination of power manage- 
ment and console access. The cost-effective DS-RPC Series is meant 
for single connection applications. Security features such as SSH v2, 



Device Management 

Console Port Management 

Remote Power Control 

True RMS Voltage/Current 

SNMP Support 

HTTP Power Control 

SSHv2/SSL Secure Access 

RADIUS Authentication 

Direct TCP Port Access 

Telnet/SSH Menu Device Selection 

Device Port Naming 

Individual Port Password Assignment 



RADIUS authentication, SNMP, and user access lists per port allow 
system administrators to remotely manage the DS Series with greater 
confidence and control. The selected host module provides either 
secure in-band or dial-up out-of-band access to your DS-RPC Series 
remote management solution. 



Bay Technical Assoc. Inc. 5239 A Avenue Long Beach, MS 39560 Tel: 228-563-7334 Fax: 228-563-7335 sales@baytech.net 



Is Network Downtime a 
Significant Challenge 
to your IT Strategy? 

Without a reliable physical infrastructure, 
your network is vulnerable to downtime 
that can negatively innpact customer 
service, sales, and employee productivity. 

Real-time visibility and managennent of 
the physical infrastructure is criticai to 
successfuliy navigate the demanding 
challenges of everyday business. 

Panduit's Physical Infrastructure 
Manager'" Software Platform and 
intelligent Pan View iQ ' System Hardware 
work together to provide local or remote 
management and monitoring of 
connectivity, ensuring network reliability 
to support service level agreements and 
reduce network costs. 



For more information on our solutions, visit us at 
www,panduit.com/pim3, call us at 800-777-3300 or 
email us at cs@panduit.com. 




Unified Physical Infrastructure 



RWDUIT 

building a smarter, 
unified business foundation 

Connect Manage. Automate. 



PDUs Direct 
To You 

Top Quality At Tlie Lowest 
Price Available 

by Blaine Flamig 
• • • 

Premium power distribution without 
the premium price. Such a notion may 
sound too good to be true in today's sag- 
ging economy, but such an approach is 
precisely the customer-oriented mission 
PDUs Direct (www.pdusdirect.com) was 
built on and continues to operate by. 

As the online wholesaler of basic, 
metered, and switched PDUs from long- 
time PDU maker Server Technology's 
product line, PDUs Direct is dedicated 
to providing its customers the highest 
quality in-rack power strips, power dis- 
tribution, and rack PDUs offered at best- 
in-class prices. 

Established in November 2008 at 
the outset of the economic downturn, 
PDUs Direct understands the financial, 
cost-cutting challenges now facing 
SMEs. That's why PDUs Direct is com- 
mitted to supplying its customers with 
industry-standard, industrial-grade PDUs 
suitable for network and server environ- 
ments at prices falling 10 to 20% below 
competitors' online prices. PDUs 
Direct' s customer commitment extends 



PDUs Direct 

(888) 751-7387 
www.pdusdirect.conn 
sales @ pdusdirect.conn 
(product, application, 
and order inquires) 
support® pdusdirect 
.conn (tech support and 
return inquires) 



to the company's easy-to-use, unclut- 
tered Web site, which makes locating the 
right PDU a quick, streamlined process 
without skimping on the pertinent prod- 
uct information customers require. 

PDUs Direct' s dedication to its cus- 
tomers is seen through its next-business 
day shipping policy; 100% satisfaction, 
30-day money-back product guarantee; 
and ultra-convenient email and live chat 
technical support options. Whether the 
question or concern is in regard to a prod- 
uct, order, or application, PDUs Direct' s 
chat support pairs customers with live 
operators who possess years of real-world 
PDU experience and knowledge. Custom- 
ers can even request a chat transcript for 
reference following a chat session. 

PDUs Direct power distribution units 
are constructed in steel-case enclosures, 
available in a variety of outlet and 
power-level configurations, and ship 
with a customer-selected power cord. 
Each switched PDU sold also includes 
the latest firmware from Server 
Technology and fully networked outlet 
management and power and environ- 
mental monitoring abilities. . 



PDUs 



direct 
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Go Green 
Affordably 



Join The Green Revolution 
With IVIinimal Investments 



by Sixto Ortiz Jr. 
• • • 

In today's carbon-constrained, environ- 
mentally conscious world, becoming a 
"green" organization can result in real 
monetary savings. Even though being 
green is sometimes derisively associated 
with the extremes of the environmental 
movement, the fact is that energy will only 
get more expensive as natural sources of 
energy are depleted. Saving energy makes 
bottom-line sense. 



Key Points 



Managing airflow, understanding 
equipnnent, and looking for opportu- 
nities to use the cloud can generate 
energy savings. 

Most organizations still have a ways 
to go before innplennenting cohesive 
green IT progranns. 

Just knowing what to turn off and when 
can quickly generate significant savings. 



By its very nature, IT consumes a hefty 
amount of energy, and that consumption 
will only increase as modern organiza- 
tions' thirst for data grows. Unfortu- 
nately, many IT managers fear that going 
green is an expensive proposition that 
will require significant capital outlays. 
But the fact is IT managers can imple- 
ment inexpensive ways to go green with- 
out spending lots of greenbacks. 

Moving Air Pays Off 

One of the simplest ways to go green 
with minimal expenses is to manage the 
flow of air, specifically hot vs. cold air, in 
the data center. 

John R. Savageau, president of Pacific- 
Tier Communications (www. pacific- 
tier, com) and a consultant for international 
organizations supporting data center pro- 
jects in developing countries, says the use 
of open racks is "the biggest waste of 
energy I have encountered in the new age 
of high-performance servers." Savageau 
says installers often leave large spaces 
between servers in racks, which leads to 



hot air recirculation that 
damages equipment and 
wastes energy. 

To alleviate this problem at 
low cost, he recommends that 
administrators get rid of the four- 
post racks in server farms, imple- 
ment hot/cold aisle separation, make 
use of blanking panels, implement hot 
or cold aisle containment, and, where pos- 
sible or affordable, use a raised floor. 

Carl Cottuli, vice president of product 
development and services for Wright Line 
(www.wrightline.com), says administra- 
tors should consider utilizing a heat con- 
tainment system that attaches to the tops 
of server racks and is used to capture and 
redirect hot air away from servers and 
toward air-conditioning units via a 
plenum. Cottuli says these overhead sys- 
tems have zero impact on existing data 
center footprints and allow the data center 
layout to remain unchanged. 

Know Your Equipment 

Oftentimes, running equipment im- 
properly can lead to tremendous energy 
inefficiencies. These inefficiencies can 
cost significant dollars and prevent an 
organization from truly going green. 

For example, John Pappas and Ron 
Wilson, engineers with Mazzetti Nash 
Lipsey Burch (www.mazzetti.com), point 
out that IT departments often keep idle 
servers running even when they are not in 
use. Pappas and Wilson recommend that 
administrators, just like a home user turn- 
ing the lights off at home, remember to 
turn off idle servers, resulting in immedi- 
ate energy and cost savings. 

Also, it is common to find separate data 
center cooling units set so that one humid- 
ifier is providing moist air while another 
is dehumidifying, causing both to work 
harder than they should, they warn. The 
solution is for administrators to check 
temperature and humidity controls on 
HVAC equipment regularly to ensure all 
are working properly and efficiently. 

Administrators can also make procure- 
ment decisions that can help an organiza- 
tion' s IT department go green. David 
Johnson, vice president of The Fulcrum 



'3 



m 




Group, says administrators should replace 
older equipment with newer energy- 
efficient models when the time comes 
to upgrade. Also, Johnson recommends 
that procurement managers rightsize IT 
equipment by purchasing small-footprint. 



Biggest Challenge: Sustainable Computing 



Even though going green is high 
on today's priority lists, the fact 
remains that IT organizations 
still have a ways to go toward 
the goal of sustainable comput- 
ing. Bob Houghton, president and 
CEO of Redemtech (www.redem 
tech.com), says the company's 
recent Sustainable Computing 
Assessment shows companies are 
making limited progress toward 



reforming corporate IT programs to 
be more sustainable. 

Redemtech's Sustainable Com- 
puting Assessment, which bench- 
marks organizations against 
sustainable best practices in pro- 
ductivity, reuse, accountability, 
energy, and environmental social 
responsibility, revealed that even 
though organizations have made 



strides in energy efficiency, they 
still lack holistic policies for pro- 
moting all four cornerstones of 
sustainable computing: extended 
life cycles, energy efficiency, uti- 
lization and reuse, and responsi- 
ble recycling. 

Houghton recommends five steps 
organizations can take to make 
Green IT programs more successful: 



Establish a baseline and then 
set quantitative sustainability 
targets. 

Review and revise policies to 
produce desired outcomes. 
Extend desktop and laptop life 
cycles. 

Optimize reutilization. 
Create accountability through 
good governance. 



low-energy PCs instead of 
larger tower computers. 

Also, says Johnson, admins 
can save energy by adjusting 
power settings on devices such 
as PCs, laptops, or printers such 
that monitors, hard drives, and 
CPUs are set to turn off or hiber- 
nate after a preset number of 
minutes of inactivity. This no-cost 
solution can yield big annual savings. 
A careful inventory audit can help 
administrators identify opportunities to cap- 
ture energy savings. Shawn Mills, president 
of Green House Data (www.greenhousedata 
.com), says administrators should audit 
server usage and unplug unused servers. For 
servers that are only used a few times a 
year. Mills recommends that administrators 
implement a change management procedure 
for turning those servers on and off. 

Look To The Cloud 

A sensible way to reduce energy con- 
sumption is to simply get rid of equipment 
that consumes energy. Organizations that 
wish to go green but need to continue to 
run applications and generate business data 
can now look to the cloud for a solution. 

Using the cloud delivery model to house 
their data and applications can help compa- 
nies reduce electricity consumption and put 
a dent on the almost 1 billion tons of carbon 
dioxide emissions that powering, cooling, 
and operating PCs and servers generates, 
says Yehuda Cagen, director of marketing 
for Xvand Technology's business develop- 
ment division (www.xvand.com). 

Cloud computing is an effective tool for 
reducing IT energy consumption because 
users only use what they need and pay for 
what they use, says Tim Jewell, CTO at 
Data Deposit Box (www.datadepositbox 
.com), who explains that utilization matters 
because implementing higher utilization to 
do the same amount of work on fewer 
computers saves the environmental costs 
of building and powering those computers. 

And, he adds, when a business stores 
applications in the cloud, the organization 
saves costs because applications are run 
on a shared infrastructure where hundreds, 
possibly thousands, of enterprises are 
using the same server to run applications 
at any given time. 

Computing in the cloud has numerous 
advantages for organizations looking to 
save energy costs. For starters, subscribing 
to a service requires little or no capital 
investment because the service is deliv- 
ered over the Internet for a monthly fee, 
says John Panico, vice president of sales 
and marketing for Virtual Resources 
(www.vresources.net). According to 
Panico, leveraging the cloud allows enter- 
prises to subscribe to IT products, applica- 
tions, or computing resources provided as 
a service over the Internet, eliminating the 
need for enterprises to require their own 
servers to run an application. 
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stay On Top Of 
IT Regulations 

Navigating The Murky Waters Of Compliance In The Data Center 



by Chris A. MacKinnon 

All enterprises face different types of IT- 
related challenges, and if you haven't 
already come up against a tough challenge, 
it's a safe bet that you soon will. For exam- 
ple, staying on top of data center and IT reg- 
ulations is one common challenge that 
enterprises are facing lately. Here are some 
tips and advice to investigate to help you 
solve some of the problems that crop up 
when working to comply with data center 
and IT regulations. 

Top Challenge: 
Virtual Compliance 

Geoff Webb, senior nnanager of product nnar- 
keting at NetlQ (www.netiq.conn), says it 
would be innpossible to discuss the regulatory 
challenges of the nnodern data center without 
addressing that nnost pervasive and ganne- 
changing technology — virtualization. "We see 
organizations accelerating the rate at which 
systenns are being virtualized and beginning 
the first tentative steps to autonnate the provi- 
sioning and nnanagennent of virtual systenns," 
Webb says. "But if the pace of change within 
the infrastructure is accelerating, then the 
challenges of nnanaging it are growing at an 
even greater rate." 

Webb says to consider, for exannple, the prob- 
lems facing organizations with potentially sen- 
sitive data such as credit card nunnbers or 
healthcare infornnation. "As virtualized sys- 
tenns become the standard for the processing 
and storage of this kind of business data," he 
notes, "the likelihood that they will hold infor- 
mation covered by legal mandates or industry 
regulations, such as HIPAA or PCI DSS, 
becomes almost inevitable." He says the 
ability to rapidly provision a new system, and 
then just as rapidly replicate that system, 
represents a nightmare for teams who are 
tasked with ensuring the confidentiality and 
compliance of that same data. 



Clarifying Regulation 

Kurt Stoever, vice president of service 
and support at Quality Tech (www.quality 
tech.com), defines regulation as a principle 
or condition that customarily governs 
behavior. But how can enterprises 
manage all the current and emerging 
standards that dictate the management 
and operation of their companies? For 
Stoever, recognizing that there is a dif- 
ference between regulation, framework, 
and best practice is the key. "Maintain 
focus on regulations," he says, "because 
regulations dictate the mode and extent of 
the operation of a company and, in almost 
all cases, reporting expectations." Stoever 
points to HIPAA and Sarbanes-Oxley as 
popular examples of regulations. 

On a similar note, Stoever explains that 
frameworks are a structured homogeneous 
set of concepts, policies, and reporting 
requirements to accomplish a broad objec- 
tive, such as ITIL and SAS 70. "Best prac- 
tices are time-proven and generally accepted 
methods for performing a task or activity," 
Stoever says. "We at Quality Tech have seg- 
mented our regulatory focus on physical data 
center operation and supporting activities 
such as finance and human resources." 
Stoever says physical data center operations 
generally take precedence because noncon- 
formance can lead to possible shutdowns 
in addition to fines or other penalties. 

Delegate Tasks 

There are regulations that govern multiple 
facets of an enterprise's operation. Stoever 
says his company has solved the problem of 
one group having to oversee all the different 
requirements. "Compliance is a top-down 
and bottom-up program," he explains. 
"We've created our own audit and control 
group to provide overall compliance over- 
sight, but we've also pushed the responsibil- 
ity of identification of regulatory require- 
ments to various lines of business. For 
example, human resources is responsible for 
identifying record retention and security 
requirements. The facilities teams are 




responsible for permitting and identification 
of applicable environmental regulations." 

Stoever says the lines of business and the 
audit and control group intersect in many 
ways. "One example is when a line of busi- 
ness requires assistance from the audit and 
control group to evaluate a specific regula- 
tion," he says. "Having a central group 
responsible for audit and control allows us 
to leverage common business practices and 
supporting systems across various compli- 
ance and reporting requirements." 

He continues, "Our audit and control 
group designs the companies' compliance 
roadmap, maintains regulatory awareness, 
performs research into emerging standards, 
assists clients with internal audits, and 
designs supporting policies." Stoever says 
this group also performs research into 
emerging standards, performs gap analysis 
between today and a state of compliance, 
and provides standards training. 

Control Costs 

So what about significant compliance 
costs? How can enterprises limit these 
expenses? In Stoever' s opinion, compliance 



initiatives are not necessarily overhead pre- 
destined for cost reduction. "While audit- and 
compliance-related activities may be consid- 
ered an operating expense on the income 
statement, we recognize that compliance can 
be a source of competitive advantage," he 
says. "By staying aware of proposed legisla- 
tion, such as emissions, we are able to proac- 
tively evaluate methods of compliance and 
be prepared for reporting on its terms." 

In keeping with compliance, Geoff Webb, 
senior manager of product marketing at 
NetlQ (www.netiq.com), cites as an exam- 
ple the process that allows a remote busi- 
ness unit to create and provision a virtual 
system to support, say, a short-term busi- 
ness initiative. "That same process, increas- 
ingly highly structured and automated, can 
and should now integrate with the security 
team's own technologies to perform their 
own assessments and checks," he 
explains. "So as the new system goes 
live, it no longer requires a manual 
assessment and review by a member of 
the security team. Instead, it is automati- 
cally assessed against corporate security 
policies, checked for noncompliance with 
local regulations, and even tested to see if 
critical vulnerabilities exist." 

Webb says the same automated process 
could ensure that, should a system be found 
to be out of compliance, all the necessary 
stakeholders from the business and security 
teams are appropriately informed and con- 
sulted — ensuring timely review and even 
automating remediation if needed. 

Stay Up-To-Date 

Typically, new compliance initiatives 
draw guidance from industry consortiums. 



Key Points 



Knowing the difference between various 
regulations and compliance standards is 
key to understanding how to tackle them. 
Designate members of each area of 
the business to stay on top of regulations 
relevant to their departments. 
Automated compliance solutions can help 
save on associated costs. 



according to Stoever. He says his company 
ensures it stays engaged and informed by 
joining the conversation. 

By identifying and joining industry- 
specific groups, Stoever says SMEs have an 
opportunity to be part of the message and, 
on occasion, steer the conversation. He says 
advisory boards such as The Green Grid, 
AFCOM, ASHRAE, and ASIS encourage 
involvement from stakeholders. 



Powering Up Your Metwork 




M SERIES SPECIAL 

M Series, Part number: 1000490 
Price: $359.00 

While supplies last, some restrictions apply 

Contact: sales@cyberswitching.com or (408) 436-9830 to place your order or for more information 



www.cyberswitching.com • (408) 436-9830 • (408) 436-9828 Fax • (888) 31 1-6277 Toll 




Happy Holidays 
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Underfloor Cable Management 



Cable Ties & More Qwik Tie Tape With Dispenser | Cable Ties & More Large Capacity 

Hinged Cable Raceway 




Featuring a uniquely designed core, Cable Ties & More's Velcro Qwik Ties offer a conve- 
nient and cost-effective nnethod to bundle wires and cables. The Qwik Tie's core is 
designed to adhere to ladders, the sides of cabinets, and other nnaterials to provide work- 
ers easy tape dispensing. The tape consists of a hook nnaterial on one side and a loop on 
the other that allows for wrapping wires, cords, and cables in a quick and efficient nnan- 
ner. The Velcro Qwik Ties can be opened and closed as nnany tinnes as needed. 

• Easy to use: cut desired length and apply 

• Econonnical and cost-effective cable nnanagennent 

• Ideal for all application types 

• 25-yard roll sizes 

• Black color 

• Operating range of to 220 degrees Fahrenheit 
Best For: Fiber-optic cord and cable nnanagennent. 
Price: $17 




(877) 284-7760 
cabletiesandnnore.com 



Surface cable raceway systenns, such as Cable Ties & More's nonnnetallic Hinged Cable 
Raceway wiring enclosure systenn, provide an attractive nnethod for concealing wires in var- 
ious settings and are particularly useful when drilling into walls or ceilings isn't an option. 
The connpany's line of extruded raceways includes an assortnnent of accessories, including 
preapplied adhesive backing, fittings, and interior and exterior corners, so Cable Ties & 
More can custonnize to nneet your specific wire nnanagennent needs. The connpany's 11 25 
series of latching raceways are designed to acconnnnodate larger-dianneter cables. All Cable 
Ties & More surface raceway parts are constructed of lightweight but durable UL 94-VO- 
connpliant, flanne-resistant PVC that users can cover with Latex-based paint. 

• Triangular corner raceway blends into wall and ceiling junctions for a clean, finished 
appearance 

• Fast and easy installation via hinged-cover design 

• UL VO-94-connpliant, flanne-resistant PVC construction 

• 0.75 X 1 .5 inches, 5-foot section 

• Available accessories include tees, inside corners, outside corners, couplings, and elbows 

• White color 

Best For: Users who need to hide wires in various locations, particularly areas where 
drilling into walls or ceilings isn't an option. 

Price: $9.97 



(877) 284-7760 
cabletiesandnnore.com 



PDU Cables Air Guard Cable 
Seal Product Line 




PDU Cables is the exclusive supplier of the Air Guard Cable 
Seal product line, which includes products that seal access 
holes required for routing cables through a data center's floor- 
ing. The Air Guard Cable Seal product family provides com- 
panies immediate energy savings because of the product's 
ability to significantly minimize cool-air loss while improving 
the static pressure to cool data center equipment. This ability 
assists in preventing a company's expensive electrical equip- 
ment from overheating. 

• Excellent seal around cables provides effective, economi- 
cal means to eliminate bypass air though cable cutouts 

• Reduces air loss in plenum-cooled floors 

• Increases under-floor static pressure 

• Extends the life of cooling equipment 

• Flexible and simple cable routing via removal of floor tiles 
without disconnecting equipment 

Best For: Sealing any size of cable opening. 



Snake Tray Snake Canyon 
Modular Cable Tray System 



Snake Tray 101 




Snake Tray's Snake Canyon Modular Cable Tray 
System is designed so the system can immediately inte- 
grate with the structural elements already in place within 
a company's access floor, creating an underfloor cable 
management approach that drastically reduces installa- 
tion costs. 

• One-piece drop-in cable tray module 

• Models are available for all floor types 

• No additional hardware is required 

• Trays are movable and reusable 

• Tray design ensures proper airflow 

• Power module accessories available 

• UL-classified 

• Low-cost shipping and easy handling 

Best For: Government, retail, education, financial, 
industrial, and other industries needing cable 
management. 



The Snake Tray 101 system is a hand-bendable 
approach that installers can mount directly to the 
floor or suspend from the pedestals on an access 
floor. In addition to bending around obstacles in 
the floor, the trays install quickly with built-in mount- 
ing hardware. 

• No onsite fabrication required 

• Trays attach to each other using a single connector 

• Easily mounts to the floor using built-in mounting 
rings 

• Open-architecture design enables cables to be 
loaded from any direction 

• UL-listed 

• Low-cost shipping and easy handling 

Best For: Government, retail, education, financial, 
industrial, and other industries needing cable 
management. 



Product 



Description 



Contact 



Product 



Description 



Contact 



(866) 631-4238 
www.pducables.com 



(800) 308-6788 
www.snaketray.com 



(800) 308-6788 
www.snaketray.com 
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CableOrganizer.com Powerflor 

Raised Floor Cable Management System 




CableOrganizer.conn's Powerflor is a complete low-profile raised-floor cable management system that 
includes electrical power outlets and cabling, voice and data outlets and cabling, and modular carpeted 
chaseway floor. The conventional raised floor provides a horizontal space in which other building elements, 
such as wiring and air delivery, can be placed or used. The raised-floor approach also typically provides an 
additional contracting layer for the floor only. 

• Modular design cuts installation time and costs and simplifies future alterations 

• Standard 18- x 18- x 3-inch panels constructed of impact-modified polycarbonate material tested to 
support 41 ,000 pounds per square foot and includes 2 inches of height for cabling underneath 

• Tool-less disconnections and reconnections of outlets 

• Carpeted panels feature Volara foam underlay to prevent lateral movement and reduce noise 

• Uses PVC-free materials 

• Up to four duplex-power or data-outlet grommets per panel to accommodate any floor plan 

• Complete flooring systems with prewired outlets and ADA-compliant entrance ramps available 

Best For: Call centers, computer training rooms, IT lab areas, schools, offices, conference rooms and 
centers, and areas where computer use is extensive and/or the churn rate is high. 

Price: $39.99 per 18- x 18-inch standard panel with foam; $95 per 18- x 18-inch standard panel with foam 



Chatsworth Products OnTrac 
Wire Mesh Cable Tray System 




Chatsworth Products' OnTrac Wire Mesh Cable Tray System pro- 
vides users a point-to-point pathway solution that both supports and 
distributes large quantities of cables to equipment cabinets and 
racks. In addition to being highly flexible, workers can position the 
OnTrac system under access floors or above drop ceilings, against 
walls, or on top of racks and cabinets. Additionally, the company's 
tray system can be cut and shaped to create transitions with smooth 
curves around building structures and obstacles. 

• Supports large network cable loads with an easy-to-use pathway 
solution 

• Ships in multiple widths and depths to match various requirements 

• An open-top design enables easier future alterations 

• Wide range of accessories available, including splices, clamps, 
and brackets 

• UL-classified as an equipment ground conductor 

Best For: Equipment rooms, office spaces, and data centers of any 
size. 





Price: $79.90 to $190.40 


(866) 222-0030 


(800) 834-4969 


cableorganizer.com 


www.chatsworth.com 



Upsite Technologies KoldLok 
Integral & Split Integral 




Upsite Technologies' line of KoldLok Raised Floor Grommets keep your data center's 
cool air where it belongs. The cost-effective airflow and thermal management devices 
help to increase your data center's efficiency and work to increase the capacity of your 
existing cooling system. The Integral and Split Integral Grommets seal cable openings 
and can integrate with your existing raised-floor static dissipation system. In addition, 
the Split Integral Grommet lets tiles be moved without capturing cables. 

• 32-square-inch usable cabling area 

• Contain no loose or partially fastened parts 

• Grommets self-dress the raw metal edges of raised-floor tile cable cutouts, meet 
NFPA 75 Section 5-4.4 standards 

• RoHS-compliant 

• Impact-resistant 

Best For: Sealing cable openings in new or existing raised-floor systems. 



Upsite Technologies KoldLok Mini 




The KoldLok Mini Raised Floor Grommets seal small openings in new and existing data 
centers to optimize existing cooling equipment and manage heat loads. Measuring 4x6 
inches, the patent-pending thermal management Grommets give installers a handy way 
to split power and data cabling to minimize interference and also move floor tiles without 
capturing cables. The Grommets improve existing cooling unit capacity, reduce equip- 
ment hot spots, lower infrastructure costs, and facilitate increasing server density. Each 
Grommet has 13,200 opposing, angled, and intermeshed nylon filaments that block up 
to 98% of bypass airflow. 

• Filaments and frame meet UL94 VO standards 

• Sits flush with raised-floor or other panel surfaces 

• Available with and without static dissipation 

• Static-dissipation feature integrates with raised-floor static grounding system to pro- 
vide 1 -gigaohm resistance 

Best For: Sealing small cable openings in new or existing data centers and for cost- 
effectively splitting power and data cabling. 



(505) 982-7800 
www.upsitetechnologies.com 



(505) 982-7800 
www.upsitetechnologies.com 
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Description 



Black BoxClimateCab 
NEMA 12 Cabinets 




Climate-controlled protection found in Black Box 
ClimateCab cabinets lets you install servers without the 
need for additional cooling or costly infrastructure. These 
enclosures are N EM A- 12- rated, meaning they are ideal 
for use in indoor locations with falling dirt; circulating 
dust, lint, and debris; and dripping or splashing liquids. 

• Full-sized cabinet with 42U of rack space 

• Available with 12-24 or M6 rails 

• Choose from models with 6,000 or 8,500 BTU air- 
conditioning units 

• 40-inch depth accommodates most servers 

Best For: Housing servers in remote locations without 
cooling infrastructure. 

Price: $4,499.95 to $5,499.95 



Black Box ClimateCab NEMA 
12 Wallmount Cabinets 




Secure, wallmount ClimateCab cabinets provide a com- 
pact way to protect and cool sensitive components. 
Users can install the NEMA-12-rated wallmount cabinets 
in indoor environments where falling dirt; circulating dust, 
lint, and debris; and dripping or splashing liquids would 
othenA/ise cause problems for equipment. 

• Compact wallmount design saves space 

• Operates on a standard 1 1 5V power source 

• Single- or double-hinged 

• Choose from a cabinet with a fan or an 800 BTU air- 
conditioning unit 

Best For: Equipment protection in hot, dirty environ- 
ments such as factory floors. 

Price: $999.95 to $2,795.95 



KwiKool Strategic 
Air Center 1411 




As one product in KwiKool's Strategic Air Center series 
of portable spot coolers, the SAC 141 1 features micro- 
processor digital controls and an Easy-Touch control 
panel. The unit is an air-cooled, 1.15-ton portable spot 
cooler that operates on a 1 15V/15A circuit. The SAC 
141 1 also supports 460 CFM evaporator airflow and 
1 ,200 CFM condenser airflow. 

• Provides 1 3,850 BTU/hr of cool air at 95 degrees 
Fahrenheit at 60% RH 

• Operates on a standard 1 1 5V power source 

• Operating range between 60 and 1 10 degrees F 

• Easy-access hinged panel with Kwikloks 

Best For: Computer rooms, server closets, or ware- 
house use. 

Price: $3,495 



Contact i 



(724) 746-5500 
www.blackbox.com 



(724) 746-5500 
www.blackbox.com 



(800) 972-6600 
www.atlassales.com 
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Description 



MaxPowerCoolCubelO 




is:::::!!!;;::": 

Mlii 




The CoolCube 10 is a unique modular air-conditioning system that users can install 
standalone or stacked in a 19-inch server rack, above a drop ceiling, or as a portable 
spot cooler. Features include a programmable control panel, electronic thermostat con- 



Temp-Air Topaz TZ-18A 



TOfAZ I 



The Temp-Air Topaz TZ-1 8A is a portable air conditioner that operates at decibel levels 
suitable for an office environment. Features include a backward-inclined plenum evapo- 
rator and condenser fans and a thermostatic expansion valve that automatically adjusts 



trol, and a 2.5-gallon condensate collection tank. 


to the environment to accommodate extreme temperatures. 


• Can be mounted in a rack or above a ceiling or used as a portable unit 


• Provides 17,600 BTU/hr of cool air at 95 degrees F at 60% RH 


• Provides 10,000 BTU/hr of cool air at 95 degrees F at 60% RH 


• Operates on a standard 1 1 5V power source 


• Stackable for redundancy or added capacity 


• Programmable temperature controls 


• Operates on a standard 1 1 5V power source 


• 1 ,000 CFM condenser 




• Runs at 63dB sound level 


Best For: Computer rooms, server closets, and IT facilities with limited floor space. 






Best For: Office environments that require a quiet-running spot cooler. 


Price: $2,600 






Price: $3,672 


(800) 367-8675 


(800) 836-7432 


www.spot-coolers.com 


gotopaz.com 
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MovinCool CM12 




The MovinCool CM12 is a ceiling-mounted air con- 
ditioner that is just 15.5 inches tall, making it ideal 
for spot cooling space-limited installations and 
server rooms. The CM12 frees up valuable floor 
space and features built-in flanges and mounting 
brackets, letting users install it quickly and with 
minimal effort. The CM12 is a cost-effective spot- 
cooling alternative to central air conditioning. 

• Provides 1 0,500 BTU/hr of cool air at 80 
degrees F at 50% RH 

• Provides 7,200 BTU/hr of cool air at 95 
degrees F at 50% RH 

• Operates on a standard 1 1 5V power source 

• Fits into tight ceiling spaces, freeing up floor 
space 

Best For: Space-limited equipment rooms and 
cramped server and telecom closets. 

Price: $2,895 



MovinCool CM25 




(800) 264-9573 

www.movincool.com/dealer.php 



The MovinCool CM25 is a ceiling-mounted air 
conditioner that is 20 inches tall and compact 
enough to fit above a drop ceiling to spot cool 
compact server rooms that need robust heat 
evacuation. The CM25 features a wall-mount- 
ed electronic controller that lets users monitor 
and troubleshoot problems. The unit also fea- 
tures built-in flanges and mounting brackets 
for easy installation. 

• Provides 25,000 BTU/hr of cool air at 80 
degrees F at 50% RH 

• Provides 1 8,000 BTU/hr of cool air at 95 
degrees F at 50% RH 

• Operates on a 208/230V power source 

• Wall-mounted controller with LCD 

Best For: Server rooms and other spaces 
with high heat loads. 

Price: $6,995 



MovinCool Office Pro 12 MovinCool Office Pro 18 




(800) 264-9573 

www.movincool.com/dealer.php 



The MovinCool Office Pro 1 2 is a portable spot 
cooling air conditioner designed to lower operat- 
ing temperatures of computers and networking, 
communications, and office equipment to maxi- 
mize reliability and hardware life span. The Office 
Pro 12 is self-contained and features an electron- 
ic thermostat and a programmable control panel 
for cooling when and where you need it most. 

• Provides 1 1 ,800 BTU/hr of cool air maximum 
spot cooling 

• Programmable digital controller 

• Operates on a standard 1 1 5V power source 

• No costly installation necessary 

• Maintains ideal operating temperature for heat- 
sensitive electronics, down to 65 degrees F 

Best For: Offices filled with heat-generating 
electronics. 

Price: $3,655 



(800) 264-9573 

www.movincool.com/dealer.php 




The MovinCool Office Pro 1 8 offers superior 
cooling capacity without requiring a nonstan- 
dard power source. This portable air conditioner 
protects sensitive data and electronics systems 
from loss and failure, acting as an insurance 
policy for your infrastructure. The Office Pro 18 
features an intuitive control panel that lets users 
designate when the unit operates. 

• Provides 1 6,800 BTU/hr of cool air 
maximum spot cooling 

• Operates on a standard 1 1 5V power source 

• Programmable controls enable weekend 
and after-hours cooling 

• No costly installation necessary 

• UL Listed for safe operation 

Best For: Heat-sensitive office and data 
systems. 

Price: $4,065 



(800) 264-9573 

www.movincool.com/dealer.php 



MovinCool Office Pro 36 




The MovinCool Office Pro 36 delivers 36,000 BTU/hr of 
spot cooling for sensitive equipment. The Office Pro 36 
features an intuitive control panel that lets users program 
the unit to operate after hours or on the weekend. The 
portable self-contained air conditioner requires no 
costly installation. 

• Provides 36,000 ETL-verified BTU/hr of cool air 
maximum spot cooling 

• Operates on a 208/230V power source 

• Features an AFCI plug for added safety against 
electrical arcing 

• Supports a plug-and-play condensate pump 

• Easy-to-use programmable controls 

• Self-contained, portable, and easy to set up and operate 

Best For: Servers, routers, telecommunications, and 
other heat-sensitive equipment. 

Price: $6,995 



MovinCool Office Pro 60 





1 


B 




AACMNCOOL ji 




(800) 264-9573 

www.movincool.com/dealer.php 



The MovinCool Office Pro 60 delivers up to 60,000 BTU/hr of 
cooling capacity, making it twice as powerful as MovinCool's 
Office Pro 24. This portable air conditioner is designed to manage 
temperatures for computer networks, communications equipment, 
and office electronics. The self-contained Office Pro 60 is easy to 
install— just position the wheeled unit, plug it in, and turn it on. 

• Programmable digital controller enables weekend and after- 
hours cooling 

• Operates on a 220V power source 

• Delivers 60,000 BTU/hr of cool air to the room that needs it most 

• Maximizes the life span of heat-sensitive electronics by 
cooling environments to the low 60s F 

• Condensation pump included for uninterrupted operation 

• UL Listed for safe operation 

Best For: Large office spaces and computer rooms filled with 
heat-sensitive electronics. 

Price: $11,145 



MovinCool Office Pro 63 




(800) 264-9573 

www.movincool.com/dealer.php 



Like its sibling the Office Pro 60, the MovinCool Office Pro 63 delivers 
up to 60,000 BTU/hr of cooling capacity and is ideally suited for the 
demands of large office spaces and heat-sensitive electronics instal- 
lations. This portable air conditioner is self-contained and operates on 
460V power for as little as 15 cents per hour. 

• Programmable digital controller enables weekend and after-hours 
cooling 

• Operates on a 460V power source 

• Provides 60,000 BTU/hr of cool air to the room that needs it most 

• Maximizes the life span of heat-sensitive electronics by cooling 
environments to the low 60s F 

• Condensation pump included for uninterrupted operation 

• UL Listed for safe operation 

Best For: Large office spaces and computer rooms filled with heat- 
sensitive electronics. 

Price: $12,495 



(800) 264-9573 

www.movincool.com/dealer.php 
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More Enterprises 
Are Looking 
To Tlie iPlione 

Since the iPhone was introduced, it has 
inched its way into the enterprise market, and 
analysts are predicting it will enjoy a larger 
piece of the business-user pie in the future. 

Deutsche Bank analyst Chris Whitman recent- 
ly predicted that about 2 million iPhones will 
have been shipped for business use by the 
end of this year, which would give the iPhone 
about 7% of the enterprise market. Addition- 
ally, a survey released in October by J.D. 
Power and Associates had the iPhone at the 
top of the list in customer satisfaction for both 
the consumer and the business markets. 

Kirk Parsons, senior director of wireless ser- 
vices at J.D. Power and Associates, says the 
iPhone was initially rejected by IT departments 
because of the holes in security and lack of 
Microsoft Exchange support. But Apple quickly 
adjusted and has made great strides in those 
areas, including adding support for Exchange. 

"Clearly they learned from their initial experi- 
ences and got feedback from their business 
application and enterprise market in terms of 
what they needed to do to shore up that secu- 
rity hole they found initially," Parsons says. 

Parsons also cited the ability to create appli- 
cations as a large contributor to the iPhone's 
enterprise success and says it will only bene- 
fit the iPhone, as well as Google's open- 
source Android platform, in the future in 
regard to the enterprise market. 

"The fact that you can come up with your 
own applications is critical for the business 
enterprise units, because they have special 
applications and needs for each one of their 
businesses." 

Enterprise-Specific Apps 

Whitmore estimated in his recent report that 
6,000 of the approximately 95,000 applica- 
tions are designed for the enterprise, which 
also helps to boost the iPhone's usefulness 
for businesses. 

Although it seems the iPhone has come a 
long way in the past few years. Parsons pre- 
dicts it won't continue to hit the enterprise 
market as quickly as it did on the consumer 
side. Right now, he says, the iPhone is too 
expensive for small to medium-sized enter- 
prises; however, that doesn't mean the 
iPhone market share won't continue to grow. 

"They still have the advantage," says 
Parsons, "because there's not another phone 
out there right now that matches what you 
can do on the iPhone." 



by Tessa Warner Breneman 
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Winterizing 

Data Centers 

Cooler Temperatures Offer Opportunities 
For Experiments & Improved Efficiency 



by Bridget Mintz Testa 

Do YOU HAVE MYSTERIOUS hot SpotS? Hot 

and cold air fraternization? Obstacles 
under the floor and high energy bills? 
Winter is the best time to take on all those 
cooling problems. Depending on your 
resources, attack strategies fall into three 
categories: small, medium, and large. 

"Winter is a good time to look at mainte- 
nance and testing of some things you 
wouldn't do if it's 105 degrees outside," 
says John Pflueger, a Dell technology strate- 
gist and a board member and the technology 
committee chair of The Green Grid. "Also, 
if you're thinking about adding capacity, it's 
a better time of year to do that because the 
cooling systems aren't going flat out." 

On the easy, low-cost end of things to 
test, aka small attack strategies, are ther- 
mostat experiments and basic best prac- 
tices. "Seventy-two degrees has been 
standard for the cold air supply to IT 



equipment, but ASHRAE upped that tem- 
perature to 80.6 degrees," says Jason 
Schafer, senior analyst for data centers at 
Tier 1 Research. "Allow the temperatures 
to rise in a data center." Schafer says that 
raising data center temperature from 72 
degrees to 75 degrees is fine. 

If a data center runs at 65 degrees 
because of hot spots that haven't or can't 
be addressed, a simple best practice can 
help. Where you have penetrations into the 
raised floor, "put a panel over them to seal 
up the holes that are letting hot air in," 
Schafer says. Where possible, remove 
blockages beneath the floor so cool air can 
flow properly. 

Time & Effort 

Middle-sized attack strategies/experi- 
ments take more resources — time, effort, 
and probably money. But the rewards are 
greater, too. 

"If [a data center] is cooling down to 65 
degrees, they need to . . . get out on the 
raised floor and see the situation," says 
Vince Renaud, a principal consultant with 
The Uptime Institute. Renaud recites a list 
of offenses: perforated tiles over hot areas, 
cable blockages, incorrectly installed 
racks, IT equipment pulling air in from the 
hot aisle and blowing exhaust into the cold 
aisle, leaving unused cable spools under 
the raised floor, and placing air cooling 
units so cool and hot air mix. 

"A single opening beneath a cabinet does 
huge damage to the static air pressure," 



Key Points 



• Winter is tine best tinne to add capacity or 
experinnent witli reducing energy in data 
centers. 

• Implement best practices to achieve small 
and medium-sized winter improvements. 

• Data centers can be retrofitted to use out- 
side air, but it can take a year or two and 
requires specific expertise. 



says Julian Kudritzki, vice president of 
development and operations for The 
Uptime Institute. "The air beneath the 
raised floor should go through the perforat- 
ed tiles into the cool aisles." 

To correct all these problems, Renaud 
recommends scanning the data center with 
an infrared sensing gun to find hot spots. 
"Make a map and figure out what to do 
about it," he says. "Be a diligent, observant 



site manager instead of spending unneces- 
sary dollars on manufacturers' equipment." 

Big Attack Strategies 

Big attack strategies can cost a lot and 
take a year or two, but the long-term pay- 
off is commensurately larger. "Longer- 
term things have to do with free air," 
Pflueger says. So these "winterizations" 
involve retrofitting a closed-system data 
center to use free air. This definitely 
demands an expert firm, Pflueger says. 

One retrofit "could be as simple as new 
ducting on the roof," says Michael 



Patterson, chair of the technology and 
strategy work group of The Green Grid 
and Intel's thermal architect. The idea is to 
install new ducts so IT equipment exhaust 
air flows out to the roof, and outside air is 
brought back in for cooling. 

You also want to be able to switch back 
to a closed system if the outside air 
becomes too cold. "You'd need more fil- 
ters and controls," Patterson says, "but 
it's a viable option as long as the data 
center isn't in the center of the building." 
The Green Grid's Web site (www. the 
greengrid.com) has maps that show total 
daily hours that sites in North America, 
Europe, and Japan can rely on outside air 
in different seasons. 

For water cooling, a company could indi- 
rectly use the building AC system to cool 
data center water. As an example, water 
exits the building AC system at 70 degrees. 
Then it travels to the building chiller that 
cools it to 45 degrees. A data center, how- 
ever, only needs 5 5 -degree water. 

"So you can install secondary loops 
with the outside air and let it cool the 
data center water down to 55 degrees via 
a radiator," Patterson says. That is, 
instead of running the 70-degree AC 
water directly back to the data center and 
cooling it there, insert a secondary loop 
in the building AC system to expose 
some of that water to outside winter air 
via a radiator. Let that air cool the water 
to the desired 55 degrees and then pipe it 
back to the data center. 

Using retrofit techniques such as these 
two — and there are many more — Patterson 
and Pflueger say data centers could drop 
from a power usage effectiveness ratio as 
high as 2 down to L5 or L4. 

Before trying any of these "winteriza- 
tion" tricks, remember this maxim from 
Renaud: "Data centers and change should 
be taken in context of the business case 
and availability requirements," he says. 
"Discussions of data center efficiency and 
drawing in outside air must happen in the 
context of availability and reliability." ^ 



Chilling Out Hot Spots 

Winter is a good time to also check your data center for hot spots. If your data center has hot 
spots that can't be easily eliminated, a couple of relatively inexpensive solutions are available 
from MovinCool, a brand of DENSO Corp. The company sells both the rolling, temporary Office 
Pro and the permanent ceiling-mounted CM12 and CM25 units. 

"You can roll an OfficePro in and use it immediately," says Eddie Stevenson, MovinCool's com- 
mercial and industrial systems marketing manager (www.movincool.com). Cooling capacity of 
OfficePro units ranges from 12,000 to 60,000 BTU, and the list price goes from $3,495 to 
$12,495. They're effective in emergency situations, countering heat build-up in a data center 
inside a building or when new equipment has exceeded existing AC capacity. 

MovinCool's 10,500 BTU CM 12 can cool a server closet. The 25,000 BTU CM25 is sized for larg- 
er areas, such as small server rooms or hot data center islands. Advertised prices are $2,786 for 
the CM12 and $6,995 for the CM25. 

MovinCool units are RoHS-compliant and available at some 500 dealers in the United States 
and Canada. 

i 



If a data center runs at 65 degrees 
because of hot spots that haven't 
or can't be addressed, a simple 
best practice can help. 
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RACKMOUNT SOLUTIONS 

is an industry leader in supplying server racks, server cabinets, wallmount racks, network racks, 
LAN racks, portable rackmount cases and accessory products forthe IT/Network professional. 



Our products are a solid value for your time and money. 

We pride our selves in providing quality customer service. 

Please call us at 866-207-6631 and let us know how we can solve 
your rackmount needs or visit www.rackmountsolutions.net. 



I 




W RACKMOUNr 

W SOLUTIONS, LTD 

where customer service matters 



Processor Showcase 

The Processor Showcase provides a 
quick glimpse of data center products 
available from some of the industry's 
leading manufacturers. Each Showcase 
provides information on the product's 
most important features, complete with 
a product photo, to simplify your 
buying process. 



Product manufacturers and resellers: 

To list your products, call (800) 247-4880. 



Physical Infrastructure 



CW-24V5 Sentry Switched CDU 





Server Technolosy 

^lii'iofft for ihp [3ot.3 Cenier f [jfiipnncfit Cohine! 



Mixed Outlet 3-Phase 
415V/240V 

Achieve greater efficiencies 
by bringing 3-Phase 415V to 
the cabinet and 240V to the 
devices 

Single-power input feed; 24 
outlets per enclosure 
Delivers upto21.6kW 
Remote power management 
IP access and security 
SNMP traps and email alerts 
Environmental monitoring 
Ability to add an expansion 
module 



Server Technology Inc. 

(800) 835-1515 
www.servertech.com/products 




Rackmount Solutions Ltd. | 866-207-6631 | www.rackmountsolutions.net | 1509001:2008 Certified 



Physical Infrastructure 




CS-2HD2/HDE Smart Power Monitor 

Easily add input current load and power monitoring to any 
existing cabinet 

Quickly added to SAN's or other cabinets that do not have 
any power monitoring capabilities 
Measure aggregate current draw on each power circuit 
IP access and security/Environmental monitoring 
Provides automated SNMP-based alarms or email alerts 



Server Technology 

kiluJiOTfi for ihie DotJ Cenjpr f c^iipnncnt Cohinet 



Server Technology Inc. 

(800) 835-1515 
www.servertech .com 



Physical Infrastructure 



CS-3AVY Sentry Smart CDU 

/Provides reliable 3-Phase 
power distribution. Multiple out- 
let types distribute multiple volt- 
ages via 3-Phase 208V Wye 
power in-feed. 




• High Density 

• Multiple Voltage Outputs 

• Input Current Monitor 

• IP Access & Security 

• SNMP Traps 

• Environmental (Temperature 
& Humidity) Monitoring 

• Branch Circuit Protection 

• NEW! Linking for Smart 
CDU (Expansion Modules) 



Server Technology/ Inc. 



Server Technology Inc. 

(800) 835-1515 
www . se rve rtech . com 



Magnext Ltd 



MAGNEOT 



7099 Huntley Rd, Suite 104 1 
Columbus, OH 43229 DATA BACKUP SOLUTIONS 

New & REFURBISHED TAPE & HARD-DISK BASED BACKUP SOLUTIONS 

Library upgrade packages for higher performance & capacity 
Tape library repair specialists - stock lOOO's of parts 



LT03/LT04 SPECIAL 



Purchase a complete library with one tape drive 
Get the second tape drive for $1.00 (same format) 

CHOOSE FROM THE FOLLOWING LIBRARY CHASSIS 

• HP SureStore 2/20, 20-Slot Tape Library — $1,999 

• HP SureStore 4/40, 40-Slot Tape Library — $2,449 

• HP MSL6030, 30-Slot Tape Library $2,799 

• HP MSL6060, 60-Slot Tape Library $4,699 

SELECT TAPE DRIVE FORMAT 

LT03 LVD SCSI - $3,500 | LT04 LVD SCSI - $4,500 

Am §smm mips mms msi $m.oo 

Condition: Library chassis is refurbished. Tape drives are NEW \ Warranty: 12-months 
Committed to providing high-value, high-quality, products to the IT marketplace 



Toll-free 888-NOW-TAPE 
www.magnext.com 



614-433-0011 
■nfo@magnext.com 



Information 
Technology 
Trading 



Experience to find you the 
right technology solution. 

AS/400 • RS/6000 • Sun Microsystems 
Storage • Tape Backup 



(877)715-3686 j www.itechtrading.com 
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News 



I Windows 7 Zero-Day DoS Attack 
Confirmed 

Proof-of-concept code that can crash Win- 
dows 7 (32-bit and x64) and Server 2008 
R2 (Itanium and x64) has been publicly 
posted, Microsoft has confirmed. Owing to 
a bug in Microsoft's Server Message Block 
versions 1 and 2 (SMBv1 and SMBv2), a 
remote attacker running the code could deny 
service to systems running one of the two 
OSes but cannot take control of the systems 
or install software on them. At press time, 
Microsoft was recommending vulnerable 
users block TCP ports 139 and 445. Non- 
R2 versions of Windows Server 2008 are 
not affected. 

I Avaya/Nortel Deal Approved 

The $900 million deal that will allow Avaya 
to take over Nortel Networks enterprise 
solutions has been 
accelerated by 
the Canadian 
Competition 
Bureau, j 




which 
approved 
regulatory 
measures, 
and the United 
States, which granted 
early termination of the antitrust waiting 
period that is usually required. Avaya antici- 
pates that the deal will close in December 
once other regulatory reviews are complet- 
ed. In addition to the total sale price, Avaya 
is also paying about $15 million on an 
employee retention program and indicated 
that it will support Nortel products for up to 
five years. 

I Intel, AMD Reach 
Antitrust Settlement 

Chip maker Intel has agreed to pay $1 .25 
billion to settle a long-running antitrust case 
with its smaller rival, AMD. The settlement 
covers both patent and antitrust claims, 
ending a private antitrust lawsuit that AMD 
filed against Intel in 2004. AMD claimed that 
Intel punished computer manufacturers that 
bought chips from AMD and rewarded those 
that bought from Intel. Under the agree- 
ment, the companies will cross-license each 
other's patents for five years, and AMD will 
be allowed to have other manufacturers 
build its processors. Despite the agreement, 
Intel still faces antitrust problems with reg- 
ulators in Europe, Asia, and the United 
States who say Intel's marketing tactics 
have hurt competitors and forced customers 
to pay higher prices. 

I Gartner: SaaS Revenues 
Up About 18% 

According to new research released by 
Gartner, the worldwide SaaS revenue is 
predicted to be $7.5 billion this year, which 
is a 17.7% increase from 2008. However, 
Gartner downgraded its initial 2009 forecast 
of $8 billion. The market is expected to show 
consistent growth through 2013, with that 
year's revenues predicted to be $14 billion, 
which is also down from the earlier forecast 
of $16 billion. The report found that two mar- 
kets currently have the largest amount of 
revenue— CRM and CCC (content, commu- 
nications, and collaboration)— which togeth- 
er total $4.9 billion. 
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FEATURED PRODUCT 



Quantifying Power 





by Joseph Pasquini 
• • • 

Nothing makes an argument more com- 
pelling than the presentation of cold, hard 
data. As the somewhat cliched but still 
almost always applicable maxim states, 
"What gets measured gets done." Al- 
though this adage is usually viewed as a 
prerequisite for successful workplace 
management, the concept also has an 
equally potent role to play when it comes 
to the effective assessment and utilization 
of data center resources. 

Especially in light of today's economic 
climate, the rising costs associated with 
data center power and cooling present 
themselves as two of the biggest concerns 
facing today's organizations. Mounting 
energy costs, coupled with continuously 
strained IT budgets and growing mandates 
to minimize environmental impacts, are 
forcing managers to reassess their existing 
data center infrastructures in an effort to 
find greater operational efficiencies. The 
new reality is that these operational ex- 
penses need to be properly understood and 
controlled prior to the establishment or 
expansion of any data center environment. 

Setting Benchmarks 

Energy consumption metrics can be 
used to motivate an organization toward 
implementing greater power efficiencies 
within the data center. Such data also pro- 
vides a baseline measurement for future 
comparisons. But how are these metrics 
gathered? Unfortunately, many data center 
managers have no idea how much energy 
their facilities consume, let alone how to 
accurately measure the consumption. 

The Green Grid (www.thegreengrid.org), 
a nonprofit trade association of IT profes- 
sionals seeking to significantly raise data 
center energy efficiencies, has developed 
two formula-derived metrics intended to 
help data center managers quantify, ana- 
lyze, and improve energy utilization: PUE 
(power usage effectiveness) and DCiE 
(data center infrastructure efficiency). 
Based upon IT equipment power in relation 
to total facility power, these two interrelat- 
ed metrics have quickly established them- 
selves as accepted standards since their 
introduction only a few short years ago. 

Putting Theory Into Practice 

Although the PUE/DCiE metrics are rel- 
atively straightforward in theory, collecting 
the data in a timely and systematic manner 
can be both a time and resource challenge 
for many data center managers. In the past, 
obtaining these two metrics was often a 
complicated process requiring the deploy- 
ment of expensive, intricate solutions. 
Recognizing this dilemma, RLE Tech- 
nologies (www.rletech.com) developed 



MetricWise, a cost-effective, 
easy-to-deploy Web-based appliance 
designed to automatically collect metered 
information used for dynamically calculat- 
ing an organization's PUE and DCiE. 

Based out of Fort Collins, Colo., RLE 
Technologies has more than 24 years of 
experience in the development and manu- 
facturing of water leak and environmental 
monitoring systems for a wide array of 
facilities and related infrastructure. 

"MetricWise is the first metric monitor 
of its caliber on the market for consistently 
measuring power utilization effectiveness 
(PUE) and data center infrastructure effi- 
ciency (DCiE)," says Jefferie Mitchell, a 
communications specialist at RLE Tech- 
nologies, who adds that MetricWise 
makes gathering this important benchmark 
information a simple task. 

"We developed MetricWise because we 
saw a need for change in the way energy 
metrics are measured," says Mike Orlich, 
RLE Technologies' CEO. "We believe that 
there is a strong need among our clients for 
an intuitive solution that helps promote 
more efficient practices in data centers." 

Hardware Details 

Intended to be placed directly within a 
data center, MetricWise ($635) is de- 
signed to acquire data readings from three- 
phase power meters — ranging from 100 
amps to 2,400 amps — attached to a variety 
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of equipment scattered across the data 
center at key power locations. Up to 10 
power meters may be associated with each 
individual MetricWise monitoring appli- 
ance; the meters start at $1,015. 

Using a Web-based dashboard presenta- 
tion, MetricWise 's system interface features 
dynamic gauges, charts, and graphs to help 
baseline, improve, and measure outcomes of 
various greening efforts. In addition, up to 
two years' worth of historical data readings 
can be viewed and exported for conducting 
PUE and DCiE trend analysis. 

MetricWise sports a single 10/lOOBASE- 
T Ethernet port for connecting the monitor- 
ing device to a data center's administrative 
network. Supported protocols include 
standard TCP/IP, SNMP, TFTP, and 
HTML. BACnet/IP and Modbus TCP/IP 
are also supported and allow for easy inte- 
gration with other management systems. 
MetricWise can be connected via the 
device's 9-pin EIA-232 interface port to a 
PC or laptop for initial configuration as 
well as firmware downloads and trou- 
bleshooting. MetricWise can also function 
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RLE Technologies' 
MetricWise Helps To Put 
The Numbers Together 



as a Modbus slave via the appliance's 
onboard two-wire EIA-485 interface port. 

Comparing Data 

According to Mitchell, data centers 
need to compare their PUE and DCiE data 
against other equivalent sites in order to 
properly determine efficiencies. This 
comparison, though, can be hampered due 
to a lack of uniformity between data cen- 
ters and how their measurements are 
obtained and catalogued. "With no stan- 
dard equipment or processes implemented 
to monitor these factors, it's hard for one 
data center to compare their efficiency 
from one point to another — there is no 
standard," says Mitchell. 

According to Mitchell, MetricWise 
solves many of the difficulties commonly 
associated with estimating, determining, 
and comparing utilization data. Thanks to 
the appliance's real-time measurements, its 
interface provides users with a mechanism 
for comparing their data center metrics 
against other data centers using consistent 
measurement standards. "Unlike current 
products on the market, MetricWise solves 
the issue of companies estimating their 
PUE or determining PUE solely based 
upon nameplate data," says Mitchell. 

With the optional ability to post data to 
RLE's PUE community Web site, users 
can go to a single online location to see 
how their data center ranks among other 
similar operations. The site lists PUE and 
DCiE information for participating data 
centers and allows users to discuss and col- 
laborate on improving energy efficiency, 
Mitchell says, adding that with Metric- 
Wise, the company aims both to standard- 
ize measurements and to build a greener 
and more environmentally aware commu- 
nity of data center operators. 

"Unlike prior methods, MetricWise pro- 
vides consistency when measuring PUE 
and DCiE," says Matt Lane, chief operat- 
ing officer at RLE. "Now when users 
compare their efficiencies with other data 
centers, they know they are comparing the 
same standard measurements." 

RLE Technologies 
MetricWise 



(800) 518-1519 
www.rletech.com 

Description: MetricWise is a data center 
appliance that collects real-time information 
necessary for dynamically calculating PUE 
and DCiE utilization data. 

Interesting Fact: RLE Technologies main- 
tains a database listing the energy use 
metrics of participating data centers; to 
compare your data center's metrics, go to 
www.rletech.com/metricwise. 
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HOW TO 



Pick The Best 
UPS Solution 



Evaluate Your SME's Needs 



by William Van Winkle 

No ONE DISPUTES THAT UPS systems are 
an essential part of any data center's busi- 
ness continuity planning. However, select- 
ing the right UPS involves weighing 
everything from runtime needs to long- 
term scaling. 

UPS Type & Availability 

Reaching any backup power decision 
starts with determining how much power 
is needed across all necessary storage, 
server, and network resources. Traditional 
UPSes were centralized — one big, fully 
loaded, high-capacity box with octopus 
cabling routed to an array of servers — 
whereas newer solutions might involve 
putting one UPS in each rack; each of 
these UPSes, in turn, network back into a 
central management system that admins 
can use to track battery levels and remote- 
ly control tasks. Between these two 
extremes sit centralized but modular prod- 
ucts, which are essentially high-capacity 
shells that managers can fill up with bat- 
teries over time as scaling is needed. 

Although a more modular approach 
might seem smarter because it allows orga- 
nizations to simply pay capital expenditures 
as needed rather than all up-front, this bene- 
fit must be weighed against availability 
needs. The more pieces a solution has, the 
more possible failure points there are. 

"Even 29 hours of downtime annually is 
the equivalent to a seemingly high 99.67% 
availability rating," says Darin Stahl, lead 
analyst at Info-Tech. "Ecommerce-heavy 
companies may be required to provide as 
high as 99.995% availability, which is a 
scant 24 minutes of downtime per year. In 
such cases, the enterprise will need more 
and better UPSes." 

Part of creating a "better UPS" might 
involve implementing redundancy, as in an 
N+1 configuration, but this obviously adds 
expense that should be weighed against 
downtime risk. Also figure heat into the 
equation. A rack-mounted UPS will add 
more heat to its rack, and this may require 
additional cooling costs. 

Runtime & Tech Alternatives 

One of the toughest decisions data centers 
face when designing a UPS solution is 
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estimating needed runtime. The norm for 
enterprises averages between 10 and 20 
minutes, but many experts agree that five 
minutes, and probably even two, is suffi- 
cient. The real role of a UPS system is to 
carry a data center through from power loss 
to generator startup, and if the generator 
isn't up and running in a minute or so, then 
having additional minutes from a UPS isn't 
going to magically fix a defective generator. 
Organizations can burn considerable cash 
by maintaining excessive and unnecessary 
UPS runtime. 

Given that shorter runtimes may be all a 
data center truly needs, flywheel-based 
backup products could make sense, espe- 
cially in larger organizations. Because fly- 
wheel UPSes use rotational inertia (kinetic 
energy) rather than batteries, they're far 
easier to maintain, don't require special 
ventilation, and have no hazardous materi- 
al disposal issues. However, flywheel tech- 
nology has much higher initial costs. The 
key advantage with flywheel is that it 
remedies the many tiny power losses data 
centers sustain over the course of a year. A 
loss of more than two seconds will cause a 
battery-based system to cycle, which 
reduces the longevity of the battery. This is 
why UPS batteries typically have to be 
replaced after only 24 to 36 months. 
During micro-outages, though, a flywheel 
system hardly registers a blip and won't 
fall prey to admins having accidentally 
overlooked a faulty battery. 

According to flywheel UPS manufactur- 
er Active Power (www.activepower.com), 
flywheel UPS runtimes average between 
15 and 90 seconds, depending on model 
and load. Enterprises may want to use a 
flywheel system to eliminate transient bat- 
tery cycling and extend conventional lead 
acid battery UPS investments. Other UPS 
alternatives include solar, fuel cell, and 
lithium-polymer, although LiPo isn't being 
mass produced and solar is only prac- 
tical in very sunny climates, such as the 
American Southwest. 

Greener Loads 

Historically, a common problem with 
centralized UPS solutions has been that they 
arrive ready to handle the organization's 
projected rather than its current power 
needs. A data center might launch with a 



According to Info-Tech 
analyst Darin Stahl, blade 
shops must beware of heat 
issues. "Any data center 
using (or planning to use) 
blades should avoid rack- 
mount UPSes, as they will 
introduce more heat in an 
already hot and crowded 
rack space." 

UPS loads will skew up- 
ward over time if IT staff 



start plugging unplanned 
devices into them. This 
can include everything 
from lighting to new PCs. 
Extra load can come back 
to bite the data center 
when it needs backup 
protection most, and it 
can have an impact on 
the UPS power efficiency. 
If IT expects unplanned 
load additions to occur 
over time, plan for the 



extra capacity when pur- 
chasing the UPS. 

Complete all server room 
consolidation and power- 
saving measures before 
tackling a UPS selection. 
"Green makeovers" can cut 
data center energy utiliza- 
tion by 40%, allowing for 
lower-capacity backup 
power systems. 



maximum load of 20kW but forecast a need 
for 80kW in five years, so an 80kW or high- 
er capacity would be purchased. The prob- 
lem is that, like regular power supplies, 
UPSes have a zone in which they run at 
peak efficiency, typically around 80% load. 
Outside of that zone, efficiency suffers. 
When running significantly above or below 
this load, waste can exceed 20%. 

Similarly, companies often overestimate 
their capacity needs, first by adding up ven- 
dor-given wattage specs, then by adding in 
an excessive "margin of error." One chal- 
lenge in right-sizing a UPS solution is accu- 
rately gauging true average and maximum 
loads, and the only way to do this is to mea- 
sure loads over time, at least at the rack 
level but preferably from the wall. 

There are also greener ways to design 
UPS systems in general. "There's a tremen- 
dous push for green computing, not just out 
of social responsibility but also because it 
can save companies a lot of money," says 
Dan Ayala, CyberPower's vice president of 
worldwide sales. "You've got Gartner say- 
ing that by 2011, 70% of data centers will 
face disruptions because of cost, floor 
space, and energy consumption. Buying a 
better-designed UPS may not solve the 
whole problem, but it'll help." 

Add It Up 

Data centers planning a new UPS deploy- 
ment should determine from their industry's 
expectations and their own service-level 
agreements how much uptime must be 
maintained. This information will help 
decide if a centralized or modular UPS 
approach makes the most sense. Next, 
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The type of UPS appropriate for a data 
center— centralized or modular— will be 
determined by factors including scalability, 
energy efficiency, long-term TCO, and 
availability requirements. 

Rather than overestimate and pay for 
unnecessary runtime, be realistic about 
cutover times from battery backup to gen- 
erator power. If the generator fails, will 
another 10 minutes really help? 

Consider alternative, green UPS technolo- 
gies, such as flywheel backup solutions 
and UPSes that integrate ways to lower 
energy consumption. These could help 
lower long-term costs. 



define exactly what systems will need to be 
protected by the UPS solution and then ana- 
lyze these to find the average and maximum 
energy draw. Identify a suitable, easily man- 
aged UPS product sized for this draw 
level, targeting average draw in the UPS' 
peak efficiency zone. Info-Tech's Stahl rec- 
ommends that "when oversizing UPS 
capacity, target 75% of the peak power and 
cooling load. The costs associated with a 
gross overestimation in oversizing will be 
extremely high, likely running the project 
over budget." If the UPS solution integrates 
green technologies for added energy sav- 
ings, even better. Be sure to examine con- 
ventional lead acid options and alternative 
technologies both as a potential primary 
backup source or as a way to help extend 
regular battery longevity. 



DrayTek YiGORlPPBX 3510 



NEW PRODUCT 



Save Time & Money 

With Unified Communications 



During a challenging economic sit- 
uation, enterprises of all sizes need to 
find a way to do more with less. One 
way to achieve that is by finding a 
cost-efficient IP PBX solution that can 
serve as a unified telephony communi- 
cations system for your enterprise. 
Such systems have been shown to save 
time and money related to installation 
and daily communications costs. 

DrayTek, the professional network- 
ing and IP telephony solution provider, 
continues to develop products that are 
designed with high integration, reliabil- 
ity, and quality in mind. YigorlPPBX 
3510 is the newest release of the 
IPPBX solution, which provides users 
with SIP/PSTN and even ISDN trunk- 
ing over IP. 

Your enterprise may already have a 
conventional PBX for your company's 
PSTN calls. Like its PSTN cousin, an 
IP PBX (private branch exchange) is a 
switching media to receive, route, hold, 
take voicemail, or manage calls that 
arrive over the Internet and is based on 
true IP rather than PSTN. 

YigorlPPBX 3510 can help to auto- 
matically route incoming calls from a 



main IP phone number to any SIP end 
points, either IP phone numbers or ana- 
log extensions. While a PSTN PBX 
connects many incoming and internal 
phone lines through a set of mechanical 
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DrayTek 



Vi9or/PPBX3510 



DrayTek Vigor/PPSX 3510 

A solid choice for a unified communications system that 
can help enterprises save time and money. 

or electronic switches, an IP PBX is 
mechanically simpler, typically either 
software that resides on a server or a 
small, independent server that connects 
with your existing data network. 

The YigorlPPBX' s comprehensive 
SIP extension design lets users expand 
intranetwork telephone users among 
different physical network areas or 
Internet groups. Also, its data network- 
ing features help the enterprise build up 
reliable Internet access and the basic 
network communications infrastructure 
with the included security/firewall and 
VPN mechanism. 



886 3 5972727 
www.draytek.com 
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Dealing With 
Social Networking 
Growtli 

Social networking and collaborative applica- 
tions are now commonplace in many enter- 
prises, and according to Palo Alto Networks' 
recent Application Usage And Risk Report, 
these are being used for both personal and 
work-related use. However, the study also 
noted that "many of the users do not take into 
account the business and security risks that 
these applications present." 

Create Usage Guidelines 

If you haven't already, now is the time for IT 
staff to establish policies for secure usage. 
Matt Keil, marketing manager for Palo Alto 
Networks, says, "IT staff will need to get very 
specific with the security policies around the 
applications and users within the data center. 
You'll want to make sure that the crown jew- 
els of the company— the critical data— is 
secure [and] that you're putting layers of 
security around it." 




For example, you 
could allow finance to 
use an Oracle applica- 
tion but not others. 
"Additionally, you'll 
want to apply threat 
prevention to that traf- 
fic as it goes in and out as well as data fil- 
tering to look for data patterns that are com- 
ing out of the data center. Finally, you'll 
need to look for rogue or misconfigured 
applications, such as SSH tunnels, because 
end users are now using many remote tools 
to access their machines outside the corpo- 
rate world," says Keil. 

Chris King, director of product marketing for 
Palo Alto Networks, says: "For some organi- 
zations, the threat of SSH tunnels is a signifi- 
cant concern, and many organizations that 
we talked with were shocked and surprised 
that workers have trusted SSH tunnels going 
directly to the data center." 

Palo Alto Networks suggests that you use a 
firewall that ties into the company's Active 
Directory, where the policies would allow 
employees to use the Web tools— with 
security scanning and filtering— but block 
specific features of the Web-based tools 
that could prove troublesome, such as 
Facebook applications. 

As far as frequently accessed sites and appli- 
cations, the fall 2009 report found that Twitter 
was the most popular (89%) instant messag- 
ing application, and it was up 35% from the 
report Palo Alto Networks issued in the spring 
of 2009. Also, Facebook mail is used nearly 
as often as Yahoo! mail, Gmail, and Hotmail. 

by Nathan Lake 



NETWORKING & VPN 



Improve Application 
Performance 

Resolving Issues Before End Users Are Affected 



by Chris A. MacKinnon 

When users complain about slow or 
freezing applications, IT and data 
center managers find out sooner rather 
than later. But according to a report from 
Aberdeen Group, "Benchmarking Net- 
work And Application Visibility," some 
companies deliver an 83% success rate 
when resolving application performance 
issues — before end users are affected. 

Jeffrey DeBarros, senior research ana- 
lyst at Aberdeen, says application perfor- 
mance is very important in the small to 
midsized enterprise. "SMEs may have 



Key Points 



Understanding the health of the 
network is a prerequisite to deternnining 
whether application problenns are due to 
network or application perfornnance- 
related challenges. 

For organizations seeking to innprove the 
availability of applications and network 
infrastructure, it is innportant to know 
when network and application perfor- 
nnance have fallen below acceptable 
service levels. 

Perfornnance thresholds should be 
linked with notification capabilities to 
connnnunicate to support resources that 
perfornnance is no longer at expected 
levels. Getting to this point can help 
organizations identify problenns, deter- 
mine an appropriate work-around, or 
resolve the issue prior to end users 
being impacted. 



smaller IT staffs and technology budgets, 
so the choices they make for network 
and application visibility tools are very 
important. Some SMEs may opt for tools 
that fit a subset of what they truly 
require, so they have to prioritize," says 
DeBarros. "Our report found that only 
30% of industry average companies saw 
the need to assess the impact of network 
and application performance initiatives 
on end-user satisfaction. This is an area 
where small and midsized businesses 
should consider deploying a toolset that 
enables this capability." 

Tricks Of The Trade 

A few good tips and strategies can go 
a long way when improving application 
performance in the enterprise. The first 
thing IT and data center managers need 
to do, in DeBarros' opinion, is gain a 
real-time view of performance by visual- 
izing network traffic, flow data, and 
application transaction details. He com- 
ments, "When smaller companies have 
this ability, it enables granular analysis 
of each important application flow on 
the network. The ability to under- 
stand the current health of the network 
is a prerequisite to determining wheth- 
er application problems are due to 



network or application performance- 
related challenges." 

Improving real-time and automated 
alerting abilities is also key, says 
DeBarros. "This is about identifying 
events and moving toward being pro- 
active. Knowing when network and 
application performance have fallen 
below acceptable service levels is impor- 
tant for organizations seeking to improve 
the availability of applications and net- 
work infrastructure." 

DeBarros says you also have to con- 
sider a wider adoption of capabilities 
when monitoring performance. He elabo- 
rates, "Organizations must be able to pri- 
oritize and identify new problems on an 
ongoing basis, whether by providing 
business context or placing self-learning 
mechanisms. Organizations should focus 
on monitoring and report on critical busi- 
ness transaction performance details." 
He says priority-based reporting tactics 
ensure that network and application visi- 
bility achieves its main goal: to mitigate 
the disruption of business processes or 
application services. 

Beyond Performance 

Ed Colonna, vice president of market- 
ing for Precise (www.precise.com), is 
convinced that performance has moved 
beyond just managing an application's 
performance. He explains, "It's become 
about managing transaction performance. 
This is what is vital to any business. 
Business requirements have moved 
beyond applications to more and more 
automation. The application is just a 
piece of the customer experience." 
Colonna says managing the transaction 
cuts across all of the IT silos and helps to 
eliminate over-provisioning and bad per- 
formance, all while meeting ever- 
increasing business SLAs. 

He points out that there are three main 
tenants to TPM (transaction performance 
management): transparency, resolution, 
and prevention. "If you prevent the prob- 
lem," he says, "you guarantee that end 
users will not be impacted. We spend 
most of the time chasing solutions to 
problems. But IT needs to drill into the 
transaction path to see detailed root- 
cause information to solve performance 
problems quickly." 

Nip It In The Bud 

According to DeBarros, data center 
managers should consider implement- 
ing appropriate monitoring and event 



notification solutions. "A good solution 
will have a flexible method to collect 
data and provide the ability to baseline 
network attributes and applications that 
need monitoring: be it a nonbusiness 
critical application, a critical applica- 
tion transaction, or the availability of 
bandwidth for an application to function 
properly," says DeBarros. In Aberdeen's 
report, 52% of best-in-class companies 
were capable of providing real-time alerts 
when performance fell below defined 
baselines. DeBarros says it is important 
for organizations to define what the 
expected performance is under normal 
operational conditions. 

There are many approaches that end 
users can take once they understand the 
baseline. DeBarros says organizations 
should implement tools that enable 
thresholds for performance monitoring. 
He says those thresholds should be 
linked with notification capabilities to 
communicate to support resources that 
performance is no longer at expected 
levels. Getting to this point, he says, can 
help organizations identify problems, 
determine an appropriate work-around, 
or resolve the issue prior to end users 
being impacted. In addition, DeBarros 
says it's always good to prioritize. "Man- 
agers need to work with application own- 
ers to define the key attributes of the 
applications that need to be monitored," 
he says. DeBarros says that IT and data 
center managers need to identify the 
most critical applications that need 
monitoring. "Communication is the key. 
Managers need to talk with application 
owners to identify their application re- 
quirements, service levels, and how 
important the application is to the critical 
operations of the business," he says. 

And if you're considering moving your 
applications to virtualized environments 
or the cloud, Colonna says it is essen- 
tial that data center managers consider 
performance and managing the environ- 
ment properly. "While we are not seeing 
companies moving mission-critical ap- 
plications to virtual environments just 
yet," Colonna says, "we believe in the 
benefits of doing so if IT is managing 
them properly. Just something to keep in 
mind when looking to take advantage of 
the cost benefits of cloud and virtualiza- 
tion adoption." Without making sure 
those applications are performing, he 
concludes, you risk costing your compa- 
ny far more than any savings you may 
have garnered. 



Performance Affects The Bottom Line 

Managing performance is extremely critical to SMEs because every transaction is proportion- 
ally more important when you are relying more heavily on automation and outsourcing. Ed 
Colonna, vice president of marketing for Precise (www.precise.com), says oftentimes, SMEs 
do not have expandable budgets, so they have to do more with the same. Resources are 
sometimes limited, so the performance of those resources plays a key role in lowering TCO 
and meeting SLAs. It will always cost you less to optimize what you have than to deploy, 
develop, or purchase more. 
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Introducing The Adaptec Data Conditioning Platform 
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Adaptec's Data Conditioning Platform delivers business value to next-generation data 
centers by conditioning data as it moves through the I/O path. By developing innovative 
silicon, software, and I/O subsystems, Adaptec's Data Conditioning Platform includes 
products that protect data, reduce capital and operating costs, lower power consumption, 
and dramatically increase server/storage utilization and performance. In addition, prod- 
ucts can be integrated seamlessly into industry-standard servers. 



adaphed 



Learn more about all the benefits at: 

wAAAA#-adaDtec-com/partners/Promo 
800-772-7274 



Maximize I/O performance. The highest-performing I/O 
hardware and software is coupled with the ability to route, 
optimize, and protect data as it moves through the I/O path. 

Reduce capital expenses. Improved server and storage uti- 
lization at the maximum I/O performance minimizes the num- 
ber of required servers and storage devices. 

Reduce operating expenses. Existing server and storage 
systems are more effectively managed, lowering power and 
maintenance costs as well as physical space requirements. 

Achieve "Green IT" objectives. Minimizing the number of 
servers and storage devices reduces direct system power 
and cooling power requirements throughout the data center. 



All rights reserved. Adaptec and the Adaptec logo are trademarks of Adaptec, Inc. which may be registered in some jurisdictions. 
All other trademarks and logos used are owned by their respective owners. Privacy Policy. 
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Full-blown menu of HP at blow-out prices! Call today with your parts! 

(Small sampling menu below) 



HP & COMPAQ 
^ Notebook Parts 



Two Stocking Locations! 

508.866.1171 I Texas: 281.740.0355 

Call Toll Free: SSS. 332. 7278 
Visit us at www.clecparts.com 



DEC -HP -COMPAQ -SUN -IBM 
CISCO- Brocade -McData 



4.: 



m 



Register at 

www.decparts.com 

for our monthly 
giveaway of an 
HPIVIIN1 1101 

*No purchase necessary 



Call Toll Free: 



U.S. military-approved repair depot 

Mission-critical supplier to NASA 

VAX End of life fulfillment reseller Compaq Authorized 

Key reactive response supplier to HP field service 
24/7 worldwide 

7000 skus and 2 million parts in inventory 

Multimillion dollar test lab with printout diagnostics 
for each product supplied 

Free Repair Evaluation 



3.332.7278 I In MA: 508.866.1171 I Visitusatwww.decparts.com 



Part Number 

464184-001 

446435-001 

446914-001 

449979-001 

487741-001 

391173-001 

452220-001 

414046-001 

443885-001 



Description Price 

,.LP2475W 24" wldescreen LCD $395.00 

,.14.1 " display complete assy $200.00 

,.14.1 " display complete assy $225.00 

,.160GBSATA 7200 RPM, 3.5" $35.00 

,.System board Intel G45/ICH10R $595.00 

,.90-watt A/C adapter w/cord $15.00 

,.BIu-ray DVDRW for notebook $150.00 

,.1GBPC2-5300 SODIMM $10.00 

,.6-cell Li-ION battery $25.00 



All product tested with three-month warranty. 
Shipping as late as 6:30PM CDT. 



Register at www.decparts.com 
for our giveaway of an 
HP MIN1 1101 

*No purchase necessary 



This is a small 
snapshot of the 
7,000 SKUs in stools 
LARGEST cable 
inventory worldwide: 

DISK & TAPE 
Part Number ....Price 

RD53-DA $895.00 

RD54-AA $995.00 

RZ29L-AA/VA $175.00 

RZ28-VA $145.00 

RZ1DD-SW/VW $60.00 

RZ28-VA $295.00 

TLZ09-VA $295.00 

TLZ10-VA $385.00 

TZ87/TZ88/TZ89... .Starting at $125 

TSZ08-AA $1,995.00 

All VAX Parts & Spares 70% Off 
Compaq Preferred VAX Reseller 

DNPG Network 

DEZ8R-P $1,290.00 

DEFHM-MM $5,800.00 

DEFEA-FB $1,275.00 

DSGGD-BA $1,500.00 

DZRVW Starting at $500 



All Compaq HP 
Blades 

Start at $595.00 

DS10 $675.00 

DS20 Starting at $1175 

GS80 $2,900.00 

GS160 Starting at $3,900 

GS320 Starting at $5,900 

RL01/RL02 Call 

RA60-P $475.00 New 

RA81 H.D.A $775.00 New 

RA82 H.D.A $775.00 New 

2T-48VDC $3,400.00 New 

VAX Systems & Options— Call 

Alphas Starting At 

ES40 $1,295.00 

ES45 $3,195.00 

ES47 $4,195.00 

Proliant Servers 
/ HP Blades 

AJ 742A $4,175.00 

AJ 753A $5,175.00 

Disks 

AJ 736A $535.00 

AJ 737A $825.00 

AJ 738A $385.00 

AJ 740A $675.00 



Memory 

413015-B21 $1,290.00 

39741 3-B21 $375.00 

HBA Fibre Channel 

AE311A $815.00 

A8003A $765.00 

LPE12000 $840.00 

Printers 

LA600/LN05/LN07/LA400/LN01 /02 
/LN40 

Printer Repair 25% Off 



Full Depot 
Repair Facility 

DEC/Compaq/HP 
a" network products 

^^mCE EXCHANGE 
20% DISCOUNT 

T/LL dec25TH 
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NETWORKING & VPN 



FEATURED COMPANY 



Reliable Network 
Troubleshooting 
& Observation 

Network Instruments Knows That A Healthy Network Is A Happy One 



by Holly Dolezalek 
• • • 

Networks are like children: There are 
days when they behave the way you 
expect, and there are days when they do 
anything but. Network Instruments makes 
software and hardware for companies that 
want to keep a watchful eye on their net- 
works — and occasionally figure out what' s 
wrong with them. 



Network Instruments (www.netinst 
.com), headquartered near Minneapolis 
in Minnetonka, Minn., is perhaps best 
known for its Observer platform. Observ- 
er is a software platform for network 
analysis and troubleshooting. It's capa- 
ble of analyzing applications for perfor- 
mance issues or slow response times, 
security forensics, and VoIP analysis. At 
present, the company has about 62,000 
licenses for Observer in the marketplace, 
which translates to about 20,000 cus- 
tomers worldwide. 

President Douglas Smith and CEO 
Roman Oliynyk founded the company in 
1994. That year, the company began sell- 
ing the first version of Observer; it's now 
up to version 14, which translates to about 
one new version each year. The company 
has more than 100 employees in 20 loca- 
tions worldwide, most of which are sales 
offices with a salesperson and support 
engineer at each office, in cities such as 
Chicago, Boston, Denver, Detroit, and Los 
Angeles. The Toronto office includes both 
a sales and a development team, while 
employees in the London office do all the 
European repair, tech support, sales, and 
other functions. 

Observer & Its Friends 

The Observer platform is the compa- 
ny's flagship product, but it also offers 
several tools that can collect network 
data in different or complementary 
ways. For example, the company of- 
fers GigaStor, which is like a TiVo for 
networks: It's a piece of hardware best 



described as a network recorder that runs 
Observer, captures packet information, 
and allows the user to analyze network 
data after the fact. 

Another application called Link Ana- 
lyst works with Observer to analyze more 
than just the live data. It queries devices 
on the network and reports back on the 
results. "Observer can tell you how many 
packets go by, but Link Analyst can tell 



you the processor utilization on those 
packets," Smith explains. "It's two types 
of data. We like the analogy that while 
Observer can sit on a bridge and count 
the number of cars that go by and say 
how many were red, blue, or white. Link 
Analyst goes to the toll booth and asks 
how many have actually gone by in a cer- 
tain time frame." 

Finally, Reporting Server is a stand- 
alone device that aggregates data from 
Observer, Link Analyst, and GigaStor. 



The Market For Troubleshooting 

Network Instruments neatly straddles 
the marketplace horizontally, in that it 
has something for the smaller companies 
and something for the large enterprises. 
In the small to medium- sized enterprise 
market, many Network Instruments cus- 
tomers just buy licenses for Observer, as 
their networks are often not big enough 
to require the more involved solutions. 
"The smaller entities buy our software 
and use it to collect network data using 
their existing hardware," Smith says. 
"The bigger enterprises tend to buy our 
hardware-based solutions." 

Vertically, Network Instruments does 
well with companies that have networks 
with many sites. That includes agencies of 
the federal government, especially the mil- 
itary, but it also includes financial compa- 
nies, whether on the banking or the trading 
side. "Financial companies often want to 
analyze their data for slow or failed trans- 
actions, particularly on the trading side, 
where they want to find out why a trade 
was slow, and on the credit card side, 
whether they want to find out why autho- 
rizations are going slowly," Smith says. 

About 60% of Network Instruments' 
sales come from within the United States, 
while the remaining 40% comes from 
European sales (30%) and the Pacific Rim 
(10%, mostly from Japan and Korea). 

In the United States, about 30% of the 
company's sales go through its sales 
force, while resellers conduct the other 
70%. The company's software is also 
listed in national software catalogs such 
as CDW's. 

Outside the United States, a network of 
distributors and resellers conducts all 



sales. "The U.S. market other than direct 
sales is a one-tier channel, where we go 
through dealers," Smith explains. "But 
outside the U.S., we sell through distribu- 
tors, who have their own network of 
resellers, who sell to end users." 

Keeping Up 

Networks are getting faster, and that's 
good news across IT. But for Network 
Instruments, it means the company has to 
work hard to keep up. "The move from 1- 
gig networks to 10-gig is on the way, and 
that means not only faster networks but 
more data traveling over those networks," 
Smith says. "For us, that means a lot of 
engineering to make sure our products can 
keep up." 

It also means keeping up in the "expert 
systems," or the code that sorts through 
the network data that Network Instru- 
ments products collect and automates the 
troubleshooting function. The mounds of 
data that faster, bigger networks generate 



Network Instruments 



tend to take that problem- solving ability 
out of the hands of ordinary human 
beings, and Smith says that there are 
fewer people all the time who can go 
through network data and figure out 
what's wrong. 

Protocols present a challenge, as well. 
"We do a lot of business with companies 
who need to monitor their voice over IP 
phone systems, and the protocols for 
phones from different manufacturers to 
talk to each other change rapidly," Smith 
says. "There are also new protocols all the 
time for Web transactions, and we have to 
keep up on that, as well." 

The world of networking is also ad- 
ding new wrinkles to the very concept of 
the network, which means new wrinkles 
for Network Instruments. Cloud comput- 
ing and virtualization are two develop- 
ments that are redefining the company's 
responsibilities, in that its products not 
only have to analyze network data but 
also the data from virtualized and cloud 
applications. Cloud computing is really 
just getting a foothold. Smith says, but 
virtualization is further along, and both 
environments have issues of visibility 
that make network troubleshooting more 
challenging. "We have to keep up with 
all these new initiatives that make the 
world of computing better but also make 
it more complex," Smith says. 

In order to do so. Network Instruments 
continues to work on new features for 
existing software that can increase the vis- 
ibility for faster networks and for more 
complex networking arrangements. "In 
this kind of business, you can't stand 
still," Smith says. 



A Look At Network Instruments' Products 



Product 


Description 


Price 1 


GigaStor Standard 


Standalone device that captures packet 
data and can hold 2 to 1 2TB of data, 
depending on configuration 


Starts at $16,995 


GigaStor Expandable 


Standalone device that captures packet 
data and can hold between 1 6 and 48TB 
of data 


Starts at $70,000 


Observer Expert 


Software for VoIP and application monitor- 
ing that alerts users to network events and 
tracks network conversations for trouble- 
shooting and analysis 


$2,895 


Observer Suite 


Observer Expert plus reporting capabili- 
ties, custom decoding modules, and ex- 
ternal data extraction 


$3,995 


Observer Reporting 
Server Appliance 


Standalone device that aggregates net- 
work data 


Starts at $25,000 




NETWORK 

INSTRUMENTS 



(800) 526-7919 
www.netinst.com 

• Network Instruments specializes in soft- 
ware and hardware solutions that help 
SMEs analyze and troubleshoot their data 
centers' networks. 

• The company's GigaStor appliance lets 
admins rewind network activity to study 
disruptions or snags in connectivity. 

• "The smaller entities buy our software and 
use it to collect network data using their 
existing hardware, [and] the bigger enter- 
prises tend to buy our hardware-based 
solutions," says Douglas Smith, president 
of Network Instruments. 
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Answers To Top IT Questions 

We talked with product manufacturers 
and other industry insiders to answer 
some of the most perplexing data center- 
related questions. 



Processor.com 



Page 25 



Buck The Budget Blues | 25 

■ Although managing the IT budget 
while attempting to satisfy employees, 
management, and seemingly every 
other party within striking distance of 
the data center might appear impossi- 
ble, there are proven methods for get- 
ting a better grip. 



Take Control Of Storage 
Demands | 26 

■ New enterprise storage issues, 
such as limitations on power and 
space, data location, and data securi- 
ty, are overwhelming even the most 
unflappable data center managers. 



IT & Business Integration | 26 

■ Instead of looking at IT as a stand- 
alone entity that is on call to handle 
only certain business needs, many 
small to midsized enterprises are inte- 
grating IT and business from a man- 
agement and decision-making stand- 
point. 



Effective Security Training | 28 

■ When it comes to securing private 
data and networks, there's only so 
much the IT staff can do before they 
must rely on the engagement and 
support from their end users, and that 
means ensuring that there is a holistic 
and dynamic training program in 
place. 



Buck The Budget Blues 

Getting A Better Handle On Your IT Budget Doesn't Have To Be Mission Impossible 



by Christian Perry 

With perpetually limited funds driving 
an IT budget, fending off the constant pres- 
sure surrounding a data center can seem like 
driving away an army with a toothpick. But 
although managing that budget while 
attempting to satisfy employees, manage- 
ment, and seemingly every other party with- 
in striking distance of the data center might 
appear impossible, there are proven meth- 
ods for getting a better grip. 

"IT managers have a finite budget and 
finite resources, both of which seem never 
to be sufficient to immediately satisfy all the 
needs and requirements within the organiza- 
tion," explains Jay Weiss, consultant with 



Key Points 



Prioritization is a constant challenge for 
IT managers, who must decide what 
projects are truly deserving of precious 
budget funds. 

Understanding your technology can help 
you determine which applications and 
other systems can be phased out and 
which can take on additional chunks of 
the budget. 

Bridging the communication gap between 
business and IT will help ensure that 
IT spending accurately targets 
business needs. 



JGI Consulting. "Additionally, managers 
must also balance the requirements of their 
internal customers — the business users — 
with the less-visible but required effort and 
expense driven by software upgrades, patch- 
es, and maintenance." 

Challenges Aplenty 

For IT managers attempting to corral their 
budgets, challenges appear in many forms. 
According to Scott Feuless, senior consul- 
tant with Compass Management Consul- 
tancy, dealing with change — including busi- 
ness demands, available solutions, and the 
cost of those solutions — is a big test for any 
manager trying to manage a budget, but it's 
particularly severe when it's an IT budget. 
Another nagging element is prioritization. 

"IT always has more requests coming in 
than it can reasonably handle," Feuless says. 
"Many of these may be handled as projects 
and funded by a business unit, but some will 
also require fundamental changes in IT 
infrastructure that have to be funded from 
the IT budget. Many will be the pet projects 
of influential leaders within the company, 
and political factors will come into play." 



Although a manager might be adept at 
determining a data center's future needs, a 
tricky balancing act remains between those 
actual needs and what staff considers simply 
nice to have. John Burke, CIO of Ambit 
Energy (www.ambitenergy.com), notes that 
empathizing with staff by letting them know 
you value their input, while at the same time 
battling overspending, requires both people 
skills and technical skills. 

How To Harness 

One of the first steps in 
getting a better handle on 
IT budgets is getting con- 
trol of your data center's 
technology itself. Feu- 
less recommends man- 
aging asset life cycles in 
a planned and predictable 
way, with a regular refresh 
schedule that optimizes both costs 
and quality of service. In terms of 
software, he suggests drilling down 
the business case before rolling out 
new versions and to keep in mind 
that software upgrades can even- 
tually spark costs in other areas, 
such as hardware. He also recom- 
mends directly involving the business 
in project prioritization. 

"IT should take the role of facilitator here, 
providing estimates of cost and schedule, 
along with identification of indirect benefits 
and other implications of the change, such 
as requirements for infrastructure changes," 
Feuless says. "When it comes to actually 
setting the priorities, however, step back 
and let the business leadership forge their 
own compromises. That makes it much eas- 
ier to explain at budget time why some pro- 
jects are going ahead of others." 

Another tip he offers is to benchmark 
costs against peers through the use of an 
independent third party and publish the 
results internally. This step can help allevi- 
ate fears from non-IT managers that IT is 
spending excessively, particularly because 
they don't always understand the complexi- 
ties of IT and don't necessarily trust what IT 
tells them. The benchmark can help deliver 
reassurance that solutions are being deliv- 
ered at costs in line with other organizations 
using similar technology, in turn easing the 
process of getting signatures on the budget. 

Managing demand is another crucial step. 
"It's not enough anymore to just act as a 
service provider, delivering whatever the 
business asks for at the lowest possible price 
with the best possible service levels," Feu- 
less says. "You have to look at that request 
for a new server and say, 'Can we fill this 
need with existing equipment, perhaps by 



adding a virtual server instead of a phys- 
ical one? Can we meet this need 
for more disk storage by 
altering the application 
to archive and purge 
new data?' The 
demand for 
new IT 




solu- 
tions and 
growth in ex- 
isting ones is 
huge, and without actively managing it 
in this way, it will far outstrip any cost 
reductions that IT can achieve through in- 
creased efficiencies." 

Connect The Dots 

Navigating the waters inhabited by both 
the business and IT units of an organization 
can be arduous, but those waters hold poten- 
tial for harnessing an IT budget. Jack Berg- 
strand, CEO of Brand Velocity (www.brand 
velocity.com) and author of "Reinvent Your 
Enterprise," suggests formally linking the 
organization's application architecture to its 
organizational structure — in other words, 
connecting the dots between applications 
and how they relate to key business and cus- 
tomer decision makers. This process can 
help IT managers determine when to dis- 
continue less-valuable systems while boost- 
ing spending on more valuable applications. 

"Another way is to take advantage of new 
technologies and opportunities in IT infra- 
structure," Bergstrand says. "Virtualization, 
cloud computing, leasing, offshoring, out- 
sourcing, and upgrading equipment can 
usually produce excellent returns on invest- 
ment. Be sure to leverage your key partners 
and your procurement specialists to proper- 
ly manage the available options." 



Bergstrand notes that it's also critical to 
manage IT demand by managing the dia- 
logue at the enterprise level to ensure that 
the "discretionary" IT budget targets 
solutions that are strategically impor- 
tant to the company. JGI's Weiss adds 
that IT managers shouldn't spend 
according to an arbitrary budget with 
no real understanding of what's driving 
the funded work or which projects the 
budget supports. The list doesn't end 
there in terms of what not to do. 
"Don't take every software upgrade that 
your friendly vendor wants you to buy; take 
the ones that pay out and plan them," 
Feuless says. "Don't assume that upper 
management will simply trust you. Get out- 
side help in making your business case, 
measuring results and comparing them to 
peer organizations. Don't treat the business 
units as outsiders. Involve them in your 
decision processes, share as much informa- 
tion with them as you can, listen to their 
feedback, and get them on your side." Ill 

Three Quick Tips 

Jack Bergstrand, CEO of Brand Velocity 
(www.brandvelocity.com) and author of 
"Reinvent Your Enterprise," offers the 
following quick tips for getting a better 
handle on your IT budget. 

1. Don't compromise on quality. Length- 
ening refresh cycles extensively is 
simply robbing from the future to pay for 
today and is not a sustainable approach. 

2. Know your players. Given that IT 
employees often feel the brunt of budget 
reductions, it's important for IT managers 
to think through who their key players are 
and what the company needs to do to 
retain and inspire them. 

3. Invest in training. If people aren't a 
priority, the best people are likely to go 
elsewhere when the recession ends, 
leaving the company with a very costly 
hiring and training problem. 
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Take Control 

Of Storage Demands 

Stay Ahead Of The Game As Storage Needs Skyrocket 



I applications that require a high I/O and 
immediate access to the data being stored, 
Tier 2 should contain files that you may 
need to access but don't necessarily need 
as immediately as your top-tier data, and 
Tier 3 should be reserved for backup and 
archived data. 

"There are storage management products 
out there that can help you get a better 
grasp on what you currently have in place 

I [and] how you can get more usable space 



by Robyn Weisman 
• • • 

Each year, perhaps since the days of 
punch cards, data center managers have had 
to wrestle with storage demands. What IT 
department wouldn't add "exponential 
increase in data" to such certainties as 
death and taxes? In a few years, worrying 
about a few petabytes of storage will seem 
quaint, much as discussing gigabyte hard 
drives seemed fanciful (albeit an eventuali- 
ty) back in the 1990s. 

Although increasing storage demands 
have been a concern for IT departments for 
decades, the issues data center managers 



Key Points 



Tier your data. This is especially important 
when you are using virtualization. 

Determine your strategy for adding 50% 
more capacity to your existing storage 
system. 

Make sure that when you choose a storage 
solution, you can remove your data from 
this system, as well as add data to it. 



face have changed over the years. 
Today's managers no longer have to 
worry about whether their de- 
partments can access enough 
storage space for their data 
because the cost of storage 
has dropped dramatically 
and should continue to do 
so. However, new issues, 
such as limitations on 
power and space, data 
location, and data secu- 
rity, are beginning to 
overwhelm even the 
most unflappable data 
center managers. 

So how do you get a 
handle on your data cen- 
ter' s storage? Here are a 
few tips to get you started. 

Visualize Your Data 

It's a good first step to 
classify your data into three 
separate tiers, says Charlotte 
Ward, enterprise storage specialist at 
CDW (www.cdw.com). According to 
Ward, Tier 1 should encompass primary 




IT & Business 
Integration 

Make The Case For Building A Better Business Model 



by Bruce Gain 

Despite its prevalence in the enterprise, 
the IT department is often treated like it's 
just one of several cost centers in the eyes 
of upper management. Oftentimes, business 
managers turn to IT to handle a specific 
task, such as managing email or data 
archiving, but after the project is up and 
running, business choices are made without 
including IT decision makers. 

Now, instead of looking at IT as a stand- 
alone entity that is on call to handle only cer- 
tain business needs, many small to midsized 
enterprises are integrating IT and business 
from a management and decision-making 



Key Points 



Every IT investment should have a tangible 
business benefit. 

Take the IT cost structure into considera- 
tion before making business decisions. 

The role of CIO is growing more important, 
with ClOs serving as a liaison between IT 
and the business. 



standpoint — and reaping huge benefits in 
operations efficiencies as a result. In the IT 
department, that means making sure that 
every investment solves a business need, as 
opposed to investing in a technology for its 
own sake. 

"Any change [in IT investments] should 
impact one of three business areas: you 
want to lower risk, lower cost, or add more 
value by enabling the business to make bet- 
ter margins," says Clive Longbottom, ser- 
vice director of business process facilitation 
at Quocirca (www.quocirca.com). "You 
need to find a match that will apply to one 
of those three." 

Day-To-Day Business Involvement 

A first step in integrating IT with busi- 
ness operations should involve assuming 
that virtually every business process 
involves IT and communicating its role to 
the business managers. "Business-line man- 
agers need to have a clear idea of where 
they're headed and of the problems they are 
trying to solve and be open to IT sugges- 
tions," says Susan Snedaker, principal con- 
sultant and founder of VirtualTeam 
Consulting (www.virtualteam.com). "Many 



times, IT will approach a problem very dif- 
ferently and sometimes come up with a 
simple, elegant solution that the business- 
line manager may never have thought of." 

As a counter example, not including IT 
in the business-making process can become 
an issue after plans are initiated. "I've seen 
many companies panic at the last minute 
because they forgot to include IT in a deci- 
sion or an initiative until it was far too 
late," Snedaker says. 

Combining IT with business processes 
should also involve paying very close 
attention to users' needs, Snedaker says. 
"I've seen a lot of IT staff come at a busi- 
ness problem as 'we cannot do that' for one 
reason or another, when, ultimately, it can 



be done," she says. "I've also seen a trend 
where IT staff says 'this is the only way it 
can be done,' which is completely unten- 
able for the user and also not a viable solu- 
tion. Somewhere between the perfect end 
user and IT worlds, there is a workable, 
acceptable solution [that is] maybe not per- 
fect in either world, but serviceable." 

The Cost Of Doing IT Business 

The IT cost structure should also play a 
key role in business decisions, as IT infra- 
structure costs in particular are increasingly 
becoming more of an issue. 

"Previously, when space and electricity 
were cheaper, you didn't have to worry as 
much about costs. But today, data centers 



Three Quick Tips 



1. Combine IT and business in one job. Business managers need a better understanding of IT, 
wliile tine tecli guys need a better grasp on flow IT decisions will improve business processes. So 
why not make sure that at least one person has both skills? "I'd recommend companies look at 
defining a position that is a sort of business/technology integrator role, who can speak business and 
technology and be the intermediary between two worlds that seem to collide more often than they 
collaborate," says Susan Snedaker, principal consultant and founder of VirtualTeam Consulting 
(www.virtualteam.com). "Often, project managers fill this role, and if thaf s the case, they need to be 
included and given the authority that comes with the responsibility of bridging that gap." 

2. Create department-by-department budgets. Itemizing how much different departments spend on 
IT can help to better manage costs, while making sure that IT investments are really furthering busi- 
ness needs, says Calvin Nicholson, director of product marketing for Server Technology (800/835- 
1515; www.servertech.com). "Each department often has a free ticket. In accounting, if they think 
they need new servers, then they just take them," Nicholson says. "But if they are billed for power 
out of a budget for the amount of infrastructure they use, then they probably would be more con- 
cerned about how many servers they have running." 

3. Track and analyze. Is there someone really tracking IT investments and costs and then weighing 
the data against benefits to the business? To do that, software system tools are recommended, 
says William Nelson, director of product management for Rackwise (www.rackwise.com). "You 
need modeling and data center intelligence, which can make sense of that mountain of data," 
Nelson says. 
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out of the capacity you've already pur- 
chased," says Ward. These types of solu- 
tions will help you visualize the location of 
your data, how frequently data is accessed, 
and whether duplicate copies of files exist 
in your storage network. 

Virtualization & Segmentation 

Data sprawl increasingly is becoming a 
huge headache for data centers, especially 
with the advent of virtual systems. 
"Virtualization is moving more toward 
compartmentalizing [an application] as 
much as possible . . . and tying that appli- 
cation to a specific set of storage 
resources," explains Kevin 
Bocek, director of product 
marketing at global secu- 
rity solutions provider 
Thales (www.thales 
group.com). "If I 
know this application 
handles my sensitive 
HR data, I need to 
take special care of 
that data," he says. 

Unclassified data 
can lead to security 
risks, as well. "If I 
have an understand- 
ing of where [data 
is] logically or physi- 
cally, I can at least 
better deal with some 
of the security issues," 
Bocek says. "We've seen 
organizations have started, as 
with the PCI DSS (Payment Card 
Industry Data Security Standard), to 
segment off parts of their storage net- 
works so that . . . they know where that 
data lives." 




Add Another 50% Or More 

Although it's a probably a no-brainer 
that your storage demands will continue 
to expand, your response to that inevitable 
expansion may not be as obvious. Evan 
Powell, CEO of software storage solu- 
tions provider Nexenta (www.nexenta 
.com), recommends thinking through how 
you will go about adding an additional 
50% of storage space to your existing 
storage solution. 

"You probably know that for your tradi- 
tional storage systems, the answer is to 
buy a new storage system," Powell says. 
"But what if data growth grows two to 
three times as fast as you expected it to? 
Do you have to throw out your old system, 
or is there an upgrade path you can take? 
Make sure you have those discussions 
with your team." 

Add The Right Storage 

Powell says it's important to be cog- 
nizant of vendor lock-in. "Look for flexi- 
ble, open solutions and be aware that once 
you get your data on a system, it's often 
hard to get it off the system," he says. 
"Once you have terabytes of data on a sys- 
tem, it can be a week's time just to get the 
data off it — and if you're buying from a 
proprietary vendor, [that vendor] may not 
make it easy to get your data off." 

When choosing new storage solutions, 
Powell suggests looking for unified storage 
that can handle NFS, iSCSI, and Fibre 
Channel, among other protocols. "Do you 
really know what the best protocol for sup- 
porting your future storage needs is going 
to be today?" says Powell. "It's much safer 
to choose a solution that supports all of 
these protocols." 



Three Quick Tips 

1 . Use encryption for mission-critical data 
and data on the move. Proper data encryp- 
tion not only protects customer data from 
identity theft, it protects your organization's 
identity, as well, says Steve Wilkins, product 
marketing manager at Thales (www.thales 
group.com). "When data is lost, typically hun- 
dreds of thousands of records are actually 
breached and can lead to additional costs 
associated with a loss of confidence in your 
organization," he says. 

2. Consider taking a training class on a 
potential virtualization product. Charlotte 
Ward, enterprise storage specialist at CDW 
(www.cdw.com), says that many virtualiza- 
tion vendors now offer trial versions of their 
software and that ideally you want to try out 
the software before implementing it. 

During this testing phase. Ward recommends 
taking a training class where a member of 
your staff can get hands-on experience with 
the product you are evaluating because that 
way the product becomes less oven^/helm- 
ing. "If you're able to use the trial version or 
purchase one copy of the type of virtualiza- 
tion software you're seriously considering 
and have gotten a chance to play around 
with it, you then will have legitimate environ- 
mental questions that can get answered in 
the class," she says. 

3. Consider a single, scalable VTL system. 

Jay Kramer, vice president of worldwide mar- 
keting at data protection solutions provider 
SEPATON (www.sepaton.com), suggests 
VTLs (virtual tape libraries) for data backup 
and archiving because they not only save 
you on space and power, they also can sim- 
plify the complexity of your environment, par- 
ticularly if it is a heterogeneous one. 



are $100 million processes," says William 
Nelson, director of product management at 
Rackwise (www.rackwise.com). "The 
stakes are higher, so now you have to tie 
everything together and understand it all." 

IT costs should especially be considered 
when your enterprise expands to different 
geographic locations. Nelson says. 

"You need to better understand what a 
move is really costing in dollars and cents 
for IT," he says. "When deciding between 
building a data center in either Singapore 
or Chicago, you have to compare real 
estate, equipment, power, and other costs 
for data centers. You then can deter- 
mine whether that [particular IT 
investment] is more efficient locally 
or globally." 

The CIO Rises Again 

CIOs were once given near star 
status in the business world, espe- 
cially at Fortune 500 technology 
firms, but they lost much of their 
luster after the dot-com bust in 
early 2000. 

"CIOs were thought of as strate- 
gic contributors through the late 
1990s, but in the bursting of the dot- 
com bubble, they were, as a class, 
demoted to mere caretakers of the 
communications and computing 
infrastructure," says Roger Kay, 
founder and president of analyst firm 
Endpoint Technologies Associates. 
"Ever since, CIOs have been trying to 
win their way back into the core of the 
business, but budgets have been tight 
and progress has been slow." 

But today, as enterprises increasingly 
begin to accept the idea that it makes 
sense to better integrate IT with business 



operations, the role of the head IT mana- 
ger should hold more sway. An active CIO 
that has the same status and decision- 
making authority as a CEO, COO, or a 
similar position in the hierarchical struc- 
ture can help to formalize IT's role in key 
business decisions. "There are increasing 
examples of businesses that rely strategi- 
cally on [CIOs] and IT for their success," 
Kay says." 



Indeed, the CIO's role should only further 
strengthen any enterprise's business model. 
"If you have a savvy C-team, your CIO has 
an equal voice at the table and can help drive 
strategic deployment of technology to sup- 
port — and better yet, enhance — the business 
objectives," Snedaker says. "The new breed 
of CIO works with the CEO, COO, and CEO 
to help develop business strategies that lever- 
age technology appropriate for the 



firm." 






I Former IVIadoff Computer 
Programmers Arrested 

Bernard L. Madoff Investment Securities' for- 
mer computer programmers were arrested by 
the FBI on charges of helping Madoff cover 
up his Ponzi scheme. Accused of creating the 
software that provided Madoff's company 
with thousands 
of false doc- 
uments for 
more than 
1 5 years 
to cover up 
its fraudulent 
activity, Jerome 
O'Hara and George 
Perez also face charges 
from the Securities and Exchange 
Commission. George S. Canellos, 
director of the SEC's New York Regional 
Office, says, "Without the help 
of O'Hara and Perez, the 
Madoff fraud would not 
have been possible." If 
convicted, the two 
men could face up to 
30 years of jail time. 

I Ericsson 
Completes Its 
Acquisition Of Nortel 

Ericsson has completed its $1 .3 billion 
acquisition of Nortel Networks' CDMA busi- 
ness and LTE assets in North America. The 
acquisition makes Ericsson a leading pro- 
vider of telecommunications technology and 
services in North America, which is now the 
Swedish company's largest sales region. 
With the region becoming an early adopter 
of LTE technology. Angel Ruiz, head of 
Ericsson's North American operations, says, 
"Ericsson will enjoy new access to North 
American CDMA customers and can better 
support CDMA networks that will transition 
to LTE." As part of the acquisition, important 
CDMA contracts with North American carri- 
ers, including Verizon, Sprint, U.S. Cellular, 
Bell Canada, Telus, and Leap, and CDMA 
and LTE patent licenses will be transferred 
to Ericsson. 

I Firefox Responsible 
For Most Browser Bugs 

According to the Web security firm Cenzic, 
Firefox was responsible for the most brows- 
er bugs reported in the first half of this year. 
Mozilla's browser accounted for 44% of the 
flaws. Firefox was followed by Apple's 
Safari, Microsoft's Internet Explorer, and 
Opera Software's Opera browser, which 
were responsible for 35%, 15%, and 6% of 
the flaws reported, respectively. A Cenzic 
spokesperson says that browser vulnerabili- 
ties are just one facet of browser security 
and shouldn't dissuade users from using a 
particular browser. Despite being the bug 
leader, Mozilla typically patches the issues 
quickly and claims that, because it is an 
open-source browser, it reports all flaws 
and fixes, whereas other closed-source 
browsers can patch flaws without report- 
ing them. Cenzic also points to Firefox's ris- 
ing popularity, making the browser subject 
to more scrutiny from security researchers 
and hackers. 

I Google To Buy Back Shares 

Not long after Google announced its inten- 
tions to acquire AdMob for $750 million in 
stock, CEO Eric Schmidt told Bloomberg 
that the search giant wants to buy back $750 
million worth of shares using cash on hand. 
The buyback, an uncharacteristic move for 
the Mountain View, Calif., company, would 
serve to protect investor holdings after the 
acquisition. The AdMob purchase is Google's 
third largest after DoubleClick (in 2008) and 
YouTube (in 2006). 
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I Judge Favors Apple In 
Copy Infringement Case 

A federal judge found in favor of Apple in its 
suit against Psystar, which has been selling 
Mac clones. U.S. District Court Judge William 
Alsup granted Apple's request for summary 
judgment and denied Psystar's counterclaim 
and also ruled for Apple in its claim that 
Psystar violated the Digital Millennium 
Copyright Act. "Psystar has violated the 
DMCA by circumventing Apple's protection 
barrier and trafficking devices designed for 
circumvention," Alsup said in the ruling. Other 
claims from Apple could still go to trial, such 
as breach of contract, trademark infringe- 
ment, and trademark dilution, and the trial 
has been scheduled to begin next month. 

I IBM Builds Health Analytics 
Solution Center 

IBM has built a center in Dallas that will 
employ more than 100 health analytics 
experts, technical architects, and specialists. 
The Health Analytics Solution Center is 
designed to help hospitals and medical staff 
improve their decision-making and provide 
higher-quality care through the growing 
demand for advanced analytics. Experts 
include IBM's Business Analytics and Op- 
timization consulting organization and IBM 
Research. The center will help others decide 
how to take advantage of advanced comput- 
ing power to collect and analyze data stream- 
ing from sensors, patient monitoring systems, 
medical instruments, and handheld devices. 
Pharmaceutical companies can also use the 
data to gather intelligence. 




I New Technologies Help Create 
Larger Personal Networks 

A report from the Pew Internet & American 
Life Project found that new technologies such 
as the Internet and mobile phones have 
helped people create larger and more di- 
verse personal networks. Previous studies 
have suggested that technology has made 
Americans more socially isolated, especially 
from those in their neighborhoods and volun- 
tary associations. The report states that those 
with mobile phones have personal networks 
that are 25% more diverse than those with- 
out, and Internet users' networks are 15% 
more likely to include nonrelated partners in 
their social lives. The study also says that 
social networking services offer a substitute 
for some levels of neighborhood involvement. 

I T-Mobile Employees 
Sold Customer Information 

According to the UK's Information Commis- 
sioner's Office, employees at T-Mobile UK 
have sold private customer information to 
brokers, who then sold the information to 
other phone companies. The ICO alleges 
that thousands of account details were sold 
without the consent of the customers. Em- 
ployees sold information, such as the end 
dates of contracts and phone numbers, so 
other phone companies were able to contact 
customers and attempt to lure them with 
deals to switch companies. T-Mobile has 
been cooperating with the government to 
identify the employees responsible, and no 
information has been released regarding 
which companies purchased the information. 



FEATURE PACKAGE 



Effective Security Training 

Training End Users In Security Policies & Practices Is Essential To The Enterprise 



by Sandra Kay Miller 
• • • 

When it comes to securing private 
data and networks, there's only so much 
the IT staff can do before they must rely 
on the engagement and support from their 
end users, and that means ensuring that 
there is a holistic and dynamic training 
program in place. 

"You can't make people behave by 
throwing more technology at the problem, 
be it firewalls, malware scanners, or intru- 
sion detection solutions," says Marcus 
Ranum, chief security officer of Tenable 
Network Security (www.tenablesecurity 
.com). "Security is a process and a social 
problem, not a technical challenge." 

Shon Harris, owner and president of 
Logical Security (www.logicalsecurity 
.com), has seen that as technology becomes 
more integrated and complex, end users are 
requiring a much more in-depth knowledge, 
especially in regards to regulatory compli- 
ance. Unfortunately, during the downturn in 
the economy, Harris offers another observa- 
tion: "Training is the last thing on the mind 
of those with the purse strings and the first 
thing to be axed when budgets are cut." 

Even with limited resources, there are 
a number of things organizations can 
do to keep employees up-to-date on se- 
curity measures. 

Plan Ahead 

When employee training is an after- 
thought, especially during a new rollout or 
upgrade, it often spells disaster. The non- 
profit ITrain (International Association of 
Information Technology Trainers; www 
.itrain.org) estimates that companies should 
plan for at least 10% of a project's budget 
for training. 

Having a game plan in place prior to the 
implementation of new hardware and soft- 
ware can also alleviate pressure from IT 
and help desk staff. For example, when 
Unisys upgraded users to Microsoft Win- 
dows XP and Office 2003, end-user train- 
ing was completely ignored. The resulting 
strain on internal support staff was over- 
whelming and ultimately much more costly 
than a proactive training approach would 
have been. 

For its 2009 Microsoft Vista rollout to 
30,000 users, Unisys adopted a "train first, 
upgrade second, advanced training third" 



plan. End users received a basic view of 
what to expect before their workstations 
were actually upgraded. After becoming 
familiar with the new software, more train- 
ing was provided to expose users to ad- 
vanced features they may not have utilized 
on their own. 

Getting ahead on end-user training can 
also help avoid the common train wreck of 
having IT personnel highly qualified in their 
areas of expertise who are not adept at 
translating that information into a format 
conducive to a teaching environment. Too 
often, user training about security features 
and compliance issues are left up to the IT 
staff, and ITrain regularly encounters orga- 
nizations in need of certified trainers who 
can provide end users with professional 
materials and teaching methods. 

ITrain has found that standardized train- 
ing materials aren't always the best solution 
for effective user education. "Training 
materials need to be aligned with the busi- 
ness processes," explains David Murphy, 
founder of ITrain, who adds that most 
trainers only cover the functionality of the 

Three Quick Tips 

1. Post hard-copy notices or informative 
posters of critical security issues to keep 
end users current. 

2. Train end users to spot security issues 
specific to their particular job. For 
instance, finance employees should be 
educated on compliance and fraud. 

3. Have multiple layers of defense in place, 
as even the most informed end users can 
also make mistakes. 

equipment or software and not how it 
relates to the users' job functions. "Training 
should focus on how users can do their jobs 
more effectively, not just how the technolo- 
gy works," he says. 

One-Two Punch 

Security training can be broken down into 
two distinct segments to make it more effec- 
tive — general and specific. General topics 
cover areas applicable to everyone, such as 
policies and procedures, rules for handling 
confidential data, and what to do in the 
event of a security risk or threat. 
This type of information should be able to 
be regularly delivered in multiple 
formats (lecture, forum, 
newsletter, e- 
mail, Web 



I 



Key Points 



Revisit end-user policies regarding IT usage 
on a regular basis. 

Training should focus both on general ideas 
that apply to everyone and on topics relevant 
to more specific groups. 

Use a combination of training and technology 
to educate end users and enforce policies. 




page, etc.), especially in environments with 
rapid employee turnovers. 

The second tier of end-user training 
should be aimed at specific user groups. At 
this point, it may be worthwhile to engage 
professional services to deliver targeted user 
training. Not only does this ensure that spe- 
cific materials are being covered, but it also 
removes the burden often heaped upon the 
IT department. 

Regardless of the user training content, 
it's imperative that it be kept current. 
"Security is a moving target," says Roger 
Thompson, chief research officer for AVG 
(www.avg.com). Thompson points out that 
most end users are not thinking about secu- 
rity, especially when using the Web for 
user-friendly applications such as social net- 
working. Furthermore, many of the legiti- 
mate Web 2.0 business tools are rooted in 
early social networking applications that 
were only a short time ago considered secu- 
rity threats and routinely blocked by corpo- 
rate networks. 

Security professionals suggest policies 
should be revisited at least twice a year and 
even as much as monthly for organizations 
bound by regulatory laws. 

Mix It Up 

How many times has a room full of 
users rolled their eyes at the same old lec- 
ture about not following links in emails 
from unknown senders? Drilling home the 
message of security doesn't have to be 
boring. By bringing multiple channels for 
learning to the table, users are more apt to 
retain information. 

Today, there are a multitude of methods 
for educating end users. From simple 
posters placed in strategic places such as 
lunch rooms to interactive e-leaming, orga- 
nizations have much more of a variety for 
education. Security vendors are also provid- 
ing more interactive tools and methods for 
education. For instance, although Thomp- 
son warns about the danger of social net- 
working sites, he routinely posts informa- 
tive information about security issues to 
blogs and interactive applications such as 
Facebook and YouTube. 

One critical end-user training opportu- 
nity in particular that is often over- 
looked is peer training. Online forums 
have become popular as a method for 
users to share their knowledge base 
with each other. These types of forums 
can be set up internally and maintained 
and monitored by IT. For a more per- 
sonal touch, something as simple as a 
voluntary session over lunch on a 
particular topic can spark better 
security practices among em- 
ployees. The key to effective 
training is keeping users 
engaged and concurrent on 
how their choices ultimately 
affect the organization. 
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THREE QUESTIONS 

A Tapeless 
Backup Approach 

Idealstor Simplifies & Speeds Backups With Ejectable Disks 



by Daniel P. Dern 
• • • 

Tape is still a popular backup media, but 
with hard drive capacities now reaching 
the 2TB range and per-terabyte prices con- 
tinuing to decline, hard drives have be- 
come an affordable alternative. 



IDEALST 



Idealstor (www.idealstor.com) was 
founded in 2002 by systems integrator 
Nezzen Systems in response to customer 
dissatisfaction with tape's limits and diffi- 
culties as a backup media. The company 
instead uses removable/ejectable disks as 
media suitable for local storage, backup, 
offsite archiving, and disaster recovery 
and develops backup software designed 
for disk rather than tape targets. 



Idealstor offers both backup hardware — 
Idealstor Backup Appliance — and its iBac 
software to companies of all types and 
sizes. Nandan Arora is the company's 
chief technology officer. 

■ What are the biggest IT-related issues 
facing today's small to 
midsized enterprise? 

"The biggest problem we 
see is twofold," Arora says. 
\ R ™ "One, the amount of data 
that companies have — and 
need to back up — continues 
to increase, but at the same 
time, the backup window 
where systems can be unavailable or slow- 
er is decreasing to nonexistent. So you 
need to be able to back up data faster and 
with less impact to operations." 

The second part, Arora explains, is that 
"every day there are new ways and tech- 
nologies available to back up the data, so 
the question is what method or methods do 
I choose, and how do they and my existing 
methods and media fit into this?" 



■ What should Processor readers know 
about your company's products? 

"We make a removable disk backup 
system designed to offer the speed, capaci- 
ty, and reliability of disk combined with 
the portability of tape backup," says 
Arora. "Mostly we compete with tape 
backup, some with disk. It's about not 
changing the process — backing up to 
media and sending them offsite, but now 
with disk, not tape." 

Companies are buying Idealstor sys- 
tems as an alternative to using tape for 
daily/weekly/monthly backup, says Arora, 
"and some also are using us for long- 
term storage for archival compliance." 
Idealstor' s removable tape is also used as 
a way to avoid disk-to-disk-to-tape back- 
ups, Arora says. 

Idealstor' s hardware product line 
includes SATA- and IDE-based ejectable 
backup and storage systems, including the 
1- to 4-bay Teralyte appliances aimed at 
SMEs; the 2-, 4-, 6-, and 8-bay Backup 
Appliances; and the FrankeNAS, which 



uses half its capacity as a RAID 5 array 
and the other half for up to four removable 
drive bays. "Our hardware can work with 
any backup software that can back up to 
disk," says Arora. "We can use any 3.5- 
inch SATA drive from any manufacturer, 
of any capacity." 

On the software side, Idealstor' s iBac 
for Windows software is disk-to-disk 
backup software that combines native for- 
mat backup, drag-and-drop restore, file- 
level deduplication, and consistent point in 
time backups of Windows databases. 
Idealstor also offers backup software for 
use with VMware and Microsoft Hyper-V 
computer virtualization environments. 
"We let you have one license per host, 
which makes licensing easier and less 
expensive," says Arora. 

■ What makes your company unique? 

Compared to the volatility of much 
of the computer industry, Idealstor' s 
approach has been unusually stable. 
"We've been selling this product for 
seven years, and our pitch hasn't changed, 
just the price and capacity of the media," 
says Arora. 

Also, Arora points out, unlike tape 
users, who need to get new drives or 
entire systems in order to use new types 
of tape, "A customer who bought our 
product three years ago doesn't have to 
buy a new system, just new disks. If a 
customer needs to go to a new disk for- 
mat like SATA, we provide an upgrade 
path, so most of their investment is still 
protected, and we also provide combo 
systems so they can continue to use the 
old media." 



Overland Storage NEOs Family 
Of Automated Tape Libraries 




NEW PRODUCT 



by Joanna Safford 



Overland Storage 
NEOs Family 

Automated tape libraries 
for cost-effective backup 
and archiving. 
Starting at $3,995 



Save Space & Resources 



Backup and disaster recovery tools are 
critical in any data center environment, but 
they can be difficult to fund and maintain 
on a limited IT budget. If your data center 
requires reliable data backup, but you 
know you're working with a restricted IT 
financial plan. Overland Storage can pro- 
vide the appropriate archiving solutions to 
meet your enterprise backup needs. 

Overland Storage is offering the NEOs 
family of automated tape libraries, which 
includes the NEO 200s and the NEO 
400s. According to Richard Villars, vice 
president of storage systems and execu- 
tive strategies at IDC, "Solutions like 
Overland's new NEO mid-range tape 
libraries will help SMEs better protect 
their IT investments while overcoming 
space, resource and budget limitations." 

The NEO 200s, a space-saving 2U 
model with up to 38.4TB of storage, and 
the expandable NEO 400s, featuring a 



Gerland 

STORAGE^ 

Simply Protected 



4U form factor, redundant power, and up 
to 76.8TB of capacity, are designed for 
basic installation and reliable operation. 
The NEO 200s is offered in two models, 
a one-drive, 12-cartridge autoloader and 
a one- or two-drive 24-cartridge library. 
Moreover, the NEO 400s comes with up 
to four tape drives and up to 48 cartridges 
and features disk-based backup and parti- 
tioning capabilities, making it ideal for 
more data-intensive environments. 

Together these NEOs solutions offer 
full Web-based remote management and 
diagnostics, fast media tracking (via inte- 
grated barcode reader), user-configurable 
mail slots, and data encryption for busi- 
ness-critical compliance. SCSI, SAS, and 
Fibre Channel configuration support for 
high-speed data transfers is also includ- 
ed. Each offering also uses HP LT03 and 
LT04 tapes that are designed for movabil- 
ity and efficient upgrades. 



) 343-7627 
www.overlandstorage.com 




Simple & Quick 
Backup & Recovery 

CMS Products BounceBack Ultimate 



by Seth Colaner 
• • • 

Every data center employee knows 
the necessity of backup and recovery 
solutions. CMS Products' BounceBack 
Ultimate is designed to be a "digital 
spare tire" for PCs, allowing users to 
back up and restore the entire contents 
of a PC, including applications, data, 
personal settings, operating system, par- 
titioning, and formatting. 

Features include Instant PC Recovery, 
which lets users start up a PC from an 
external USB hard drive in case the 
operating system or hardware malfunc- 
tions, and instant One-Button Recovery, 
which is a simple and direct way of 
restoring a PC hard drive without the 
need for reinstalling anything. The 
QuickRestore function also lets users 
quickly restore specific files and folders. 

Other features include CDP (Contin- 
uous Data Protection), a function of 
BounceBack Ultimate that continuous- 
ly keeps new or modified files up-to- 
date; the ability to let Bounce-Back 
Ultimate run its processes in the back- 
ground so users can continue to work 
while the program takes care of busi- 
ness; and easy-to-configure AES 256- 
bit en-cryption to secure your data 
from prying eyes. 



BounceBack Ultimate also lets users 
back up to multiple media, such as an 
external hard drive or network drive, 
simultaneously so users can have multi- 
ple concurrent backups. With synchro- 
nization capabilities enabled, users can 
save a backup of their projects on a 
backup drive and use the drive on other 
computers. When the drive is again con- 
nected to the original computer, 
BounceBack Ultimate automatically 
syncs the changes, ensuring you're 
always working with the most up-to-date 
files. Users can also schedule backups 
and create backup sets. 




PRODUCTS 



CMS Products 
BounceBack Ultimate 

Full download: $89 
Full CD: $99 
Upgrade download: $69 
Upgrade CD: $79 

Lets users back up and restore the 
entire contents of a PC. 

(800) 327-5773 

www.cmsproducts.com 
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Mobile Storage 



CMS Products ABS-Secure 




The ABS-Secure encrypted external hard drive features 
USB 2.0 connections with capacities ranging from 80 to 
500GB. Designed for optimum portability and rugged 
durability, the ABS-Secure weighs just 7 ounces and fea- 
tures the CMS DataGuard shock-absorbing sleeve, which 
allows the drive to sustain a shock of 190Gs while operat- 
ing and 1 ,OOOGs when not operating. ABS-Secure fea- 
tures 256-bit AES encryption and CMS' CE Secure Full 
Disk Encryption Software as well as CMS' BounceBack 
Express Version 8.0 for backup and restore capabilities. 
ABS-Secure is powered by USB and spins at 5,400rpm. 

• QuickRestore lets you restore individual files or folders 

• Multidestination backup lets you back up to any local 
or mapped network drive simultaneously 

• Continuous data protection 

• Three-year warranty 

Best For: Sensitive data storage in rough environments. 
Price: $173 (160GB); $187 (320GB); $207 (500GB) 



CMS Products 
BounceBack Ultimate 




(800) 327-5773 
www.cmsproducts.com 



BounceBack Ultimate software lets you make a complete 
copy of your computer, including the operating system, 
formatting, applications, files, and settings, so you can 
recover everything on your computer in the event of an 
operating system or hardware malfunction. With the 
Instant PC Recovery feature, you can boot your computer 
from an external USB hard drive and use your applica- 
tions and access your data as you normally would. To 
restore your system, you can use the One-Button Recov- 
ery feature, which will restore your system to either your 
previous hard drive or a new one, if necessary. 

• Lets you restore your PC from an external hard drive 

• QuickRestore lets you restore individual files and folders 

• Backup options include continuous backup, schedul- 
ing, customized backups, and parallel backups 

• 256-bit AES encryption 

Best For: Those who need a simple, immediate restore 
solution in the event of a disaster. 

Price: $69 for a download version; $79 for a CD version 



(800) 327-5773 
www.cmsproducts.com 



CMS Products Vault OTG 




The Vault OTG encrypted flash drive uses 256-bit AES 
encryption to protect against prying eyes in the event of 
loss or theft. To increase protection, the Vault OTG sup- 
ports passwords of up to 64 characters. Available in 
capacities of 1GB, 2GB, 4GB, 8GB, or 16GB, the Vault 
OTG comes preconfigured for immediate use right out of 
the box with preloaded software and drag-and-drop func- 
tionality. To protect against threats from keyloggers. 
Vault OTG features a screen-displayed keyboard. 

• Powered by USB 

• Weighs just 1 ounce 

• Includes a 19-inch lanyard 

• When unplugged, it automatically locks, requiring the 
input of the password before it can be used again 

• Leaves no trace of activity on your system 

Best For: Anyone who needs to use public computers 
but has sensitive data. 

Price: $29 (1GB); $49 (2GB); $79 (4GB); $99 (8GB); 
$149 (16GB) 

(800) 327-5773 
www.cmsproducts.com 



Lexar JumpDrive Secure II Plus 




Lexar JumpDrive Secure II Plus features a 10-bar ca- 
pacity meter that displays available storage space at 
a glance, even when disconnected from a computer. 
JumpDrive Secure II Plus works across platforms, and 
its display functions are designed to give you complete 
flexibility and ease of use by working independently of 
the operating system. You can create multiple password- 
protected areas called Encrypted Vaults that automa- 
tically encrypt your data with on-the-fly 256-bit AES 
encryption. The File Shredder feature is designed to 
securely and thoroughly delete files so they can't be 
recovered, ensuring your data is secure. 

• Display maintains reading when unplugged from com- 
puter 

• Includes Secure II software for advanced data 
protection 

• Drag-and-drop file encryption 

Best For: Those who need a secure but portable data 
solution. 

Price: $17.99 (2GB) to $259.99 (64GB) 



Olixir Mobile DataVaultSDX 




The high-capacity Mobile DataVault 3DX is an easy-to-use, 
secure plug-and-play data storage tool. Mobile DataVault 
drives can be used interchangeably with Olixir's USB 2.0, 
FireWire, SATA, and eSATA cable interfaces. The drives 
can also be used as hot-swappable cartridges with Olixir's 
chassis-based systems, which include 5.25-inch docking 
bays, desktop towers, and large-capacity 1 9-inch rack- 
mount systems. The Mobile DataVault drives support Mac 
OS 8.6 and higher, Win2000/XPA/ista, and Linux OSes 
and are compact enough to fit into the palm of your hand. 

• Ultra-rugged portable hard drives can be used stand- 
alone with cable interfaces or in Olixir's chassis- 
based systems 

• Can survive nonoperational shocks of up to 1 ,200Gs 

• Mobile DataVault 3DX drives can easily be repurposed, 
eliminating waste and maximizing ROI 

Best For: Maximum storage capacity needs in rough envi- 
ronments. 

Price: Starts at $350 (320GB with FireWire, eSATA, 
or USB 2.0 cable) 



QuickVault PC File Vault 
& Mobile File Vault 




I "I 

PC File Vault is designed for the mobile business user and 
provides continuous PC backup to an FTP server. Users 
are able to back up data to a mobile device or their own 
FTP servers. PC File Vault also includes secure file shar- 
ing and complete audit trails (forensics) for data that is 
shared internally or externally. Mobile File Vault compress- 
es and encrypts any data stored on a device's microSD 
card. Both programs feature an administrative control 
panel that allows a system administrator to centrally moni- 
tor and track all backup and file sharing activities. Other 
features include Web-based security administration, thin 
client file access, digital file sharing, and online reporting. 

• Enhanced security tools, including USB endpoint securi- 
ty. Web-based security, 256-bit AES encryption, and 
secure digital file sharing 

• Backup options include scheduling and drag-and-drop 
functionality, the ability to back up to a single or multiple 
PCs, remote FTP backup, incremental file backup, and 
the ability to back up by file type or folder 

Best For: Disaster recovery protection for enterprises and 
mobile professionals. 



Product 



Description 



Contact 



Product 



Description 



Contact 



(510)413-1200 
www.lexar.com 



(800) 719-0595 
www.olixir.com 



(404) 316-9947 

www.pcfilevault.com; www.mobilefilevault.com 
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Iomega eGo Encrypt Portable 
Hard Drive, 320GB 




The Iomega eGo Encrypt Portable Hard Drive is designed to let you take sensi- 
tive data with you anywhere. With a USB interface, hardware-based encryption 
(128-bit AES), and Iomega's Drop Guard Xtreme feature, the eGo Encrypt 
Portable Hard Drive protects your data from unauthorized access and acciden- 
tal drops. The 320GB hard drive is silver and includes the Power Grip band. 
The eGo Encrypt Portable Hard Drive includes EMC Retrospect software and 
MozyHome Online backup (2GB free) service. 

• Extra security with 1 28-bit AES hardware encryption 

• Drop Guard Xtreme feature protects the drive when dropped up to 7 feet 

• Designed to be compact at 5.5 x 3.63 x 1 inches (HxWxD) and 0.6 pound 

• Hardware-based encryption boosts performance 

• Can automatically back up your drive with EMC Retrospect and MozyHome 
Ultimate Online software 

Best For: Rugged applications that require durability and security. 

Price: $109.99 



(858) 314-7000 
go.iomega.com 



IronKey S200 




The IronKey S200 is a physically and cryptographically secure USB flash drive 
with FIPS 140-2 Level 3 validation. Used by government and enterprise cus- 
tomers, the S200 features hardened physical security, the latest Crypto-chip 
technology, active anti-malware, and enhanced management capabilities. 

• Tamper-resistant and tamper-evident rugged metal case 

• Anti-malware capabilities in hardware designed to provide a layer of protection 
from malware and prevent its spread onto networks 

• Includes extended-life flash memory capable of running high-bandwidth appli- 
cations such as data backups, virtual machines, or bootable mobile desktops 

• Enterprise Management Cloud Service for enforcing security policies, provid- 
ing security and anti-malware updates, and tracking and auditing hundreds of 
thousands of devices 

Best For: Business personnel who need a portable device to store ultra-sensi- 
tive information. 

Price: Starts at $79 (1GB) 



(650) 492-4055 
www.ironkey.com 



SanDisk Cruzer Enterprise FIPS Secure 
USB With McAfee Malware Protection 




SanDisk Cruzer Enterprise FIPS Secure USB with McAfee Malware Protection 
imposes mandatory, hardware-based encryption on all files and password pro- 
tection to safeguard data stored on company-issued drives. Cruzer Enterprise 
USB devices are designed to help enterprises mitigate the risk of data loss by 
ensuring that data on the USB device remains inaccessible unless an encryption 
key or password is provided. Cruzer Enterprise with McAfee Malware Protection 
boosts security defenses with automatic, device-resident malware scanning. 
SanDisk Cruzer Enterprise secure USB drives feature FIPS 140-2 Level 2 certifi- 
cation for encryption. 

• Ultra-fast transfer speeds and a simple user interface 

• Plug-and-play USB security product 

• FIPS 140-2 Level 2-certified 

• Hardware-based 256-bit AES encryption 

• Mandatory access control for all files (100% private partition) and strong pass- 
word enforcement with a "lockdown" mode when a predetermined number of 
incorrect password attempts are made 

Best For: Enterprises that require stringent security for their portable data. 

Price: Starts at $65 



SanDisk Central Management & Control 



SaiDisk* 



SanDisk's CMC (Central Management & Control) software provisions, secures, 
and manages USB flash drives that connect to a corporate network. The soft- 
ware is designed to provide lifecycle management of drives, including deploy- 
ment throughout the organization, password recovery and renewal through the 
network, central backup and restore, central usage tracking, and remote termina- 
tion of lost drives. CMC protects drives from unauthorized users if the drive is lost 
or stolen, and the backup feature of CMC makes it simple for the IT department 
to provision a new drive with the files from the missing drive. 

• Centralized deployment and provisioning 

• Application and licensing management 

• RSA SecurlD authentication integration 

• Remote termination of any lost secure flash drive 

• Auditing for regulatory compliance 

• Seamless drive backup 

Best For: Tracking the complete life cycle of flash drives. 



(408) 801-1000 
www.sandisk.com 



(408) 801-1000 
www.sandisk.com 
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Crossroads Systems 
ReadVerify Appliance 



Crossroads Systems 
TapeSentry 




Description 



Contact 



Crossroads Systems RVA (ReadVerify Appliance) is designed to provide a simple 
means of monitoring, tracking, and reporting on tape devices and media to help ensure 
the optimal performance, utilization, and health of a tape library environment, in addition 
to ensuring tape backup system integrity. With adequate visibility, RVA helps data 
center administrators discover and mitigate any media or hardware issues before an 
organization-threatening failure occurs. 

• Monitors, tracks, alerts, and reports on performance and utilization in real time 

• Offers insight into incomplete or failed backups 

• Helps discover and address system issues before failures occur 

• Optional ArchiveVerify feature automatically validates readability of media for regula- 
tory compliance 

• Monitors small department libraries through enterprise-class libraries of 10,000 slots 
and more 

Best For: Proactively monitoring and validating the integrity of tape media and tracking 
the performance and utilization of tape devices in a tape library. 

Price: Starts at $5,900 (MSRP) 



(512) 349-0300 
www.crossroads.com 



Designed to alleviate the security issues associated with tape storage. Crossroads 
Systems TapeSentry encrypts tape media to prevent unauthorized access, theft, and 
data loss. Adding TapeSentry to a data center won't impact server performance and is 
designed for quick and easy implementation with the ability to configure any port, host 
access, or device connectivity. TapeSentry features centralized key management via a 
Web-based interface with support for flexible, non-drive, or device-dependent encryption 
policies. Other features include multisite key replication, automatic backup and recovery, 
and secure sharing of data in the event of a disaster recovery effort. 

• Data encryption to prevent loss or theft 

• Support for secure key management 

• Requires no infrastructure updates or add-ons 

• Avoids performance slowdowns during integration with backup applications 

• Flexible encryption policies 

• Easy setup and configuration 

Best For: Rapidly and cost-efficiently encrypting your data stored on tape with simple, 
secure, and robust key management. 



(512) 349-0300 
www.crossroads.com 



Product I 



Description 



Overland Storage NEC 2000E & 4000E 




Designed for easy installation and compatibility with future technologies, the Overland 
Storage NEO 2000E and 4000E offer embedded SCSI, Fibre Channel, or SAS connec- 
tivity. In addition to support for LTO half-height tape drive and direct-connect interfaces 
for lowering initial costs and ensuring data protection, the NEO 2000E integrates with 
Overland's REO Series of disk-based backup and recovery VTLs, Snap Server NAS 
appliances, and ULTAMUS RAID SAN. It also features a scalable, multimodular design 
from 30 to 240 cartridges per module. The 4000E features redundant power. 

• Storage capacity of 1 2TB (2000E) or 24TB (4000E) up to 384TB 

• Can handle 432GB per hour up to 13.8TB per hour 

• Embedded SCSI, Fibre Channel, and SAS connectivity 

• Support for LTO half-height tape drive and direct-connect interfaces 

• Modular design for scalability 

• Easy integration with existing storage devices and appliances 
Best For: Midrange data storage requirements. 

Price: Starts at $8,999 for the 2000E and $39,999 for the 4000E 



Spectra Logic T50e Tape Library 




The Spectra Logic T50e Tape Library offers enterprise capabilities in a compact 4U 
rackmount library with a range of support options to complement specific requirements. 
The T50e features LTO technology, library media management functionality, and 
increased security through the integrated BlueScale Encryption. It is compatible with all 
major backup packages and operating systems. Connectivity options on the T50e 
include direct-connect SCSI or Fibre Channel, with iSCSI support planned in the future. 

• Setup takes less than half an hour 

• Management via Web browser for easy operation 

• Built-in AES 256-bit BlueScale Encryption and Key Management 

• Monitors its own drives, power supplies, controller, and robotics with the 
AutoSupport features 

• Media Lifecycle Management and Certified Media tools to detect media errors before 
they happen 

Best For: SMBs and remote offices. 

Price: Starts at $9,995 



Contact I 



(888) 343-7627 
www.overlandstorage.com 



(877) 205-7005 
www.spectralogic.com 
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Gresham Enterprise Storage ' HP StorageWorks RDX 
Clareti Enterprise DistribuTape Rennovable Disk Backup System 



Gresham^ 



Storage Solutions 



Greshann's Enterprise DistribuTape works with TSIVI 
(Tivoli Storage IVIanager) to help users innprove their 
tape storage processes. Enterprise DistribuTape with 
TSIVI offers SCRATCH pool support, autonnatic 
network path failover, and drive and nnedia tinne 
nnount optinnization. 

• Allows for sharing of consolidated drive pools 

• Optinnizes drive operations 

• Autonnates nnedia nnanagennent, reporting, and 
diagnostics 

• Enables nnainfranne and open systenns environ- 
nnents to share libraries 

Best For: Environnnents that use Tivoli Storage 
Manager and require reliable, efficient tape storage 
without failures. 



(800) 450-0575 
www.greshann-storage.conn 




iliiia 



The RDX Rennovable Disk Backup Systenn offers fast disk- 
based perfornnance with the ability to store 1 60GB or 320GB 
of data on a single rennovable disk cartridge at speeds of up 
to 108GB per hour. Portable, durable, and rugged rennovable 
disk cartridges let you sinnply and securely store backups off- 
site for connplete data protection and peace of nnind. 

• Drag-and-drop file access designed to nnake backup as 
sinnple and convenient as a nnouse click 

• Backup of data at hard drive speeds of up to 1 08GB 
per hour 

• Randonn disk access to restore critical files in seconds 

• Easy scalability and expandability 

• Plug-and-play innplennentation 

Best For: Snnall and nnediunn-sized enterprises needing a 
sinnple, inexpensive, and reliable way to protect critical data 
and systenns. 

Price: Starts at $299 



(800) 289-6947 
www.hp.conn 



HP StorageWorks DAT160 
USB Tape Drive 




Protect your snnall or nnediunn-sized enterprise, rennote office, or workgroup 
with the HP StorageWorks DAT 160 USB Tape Drive offering the highest 
capacity and perfornnance with the ability to store up to 160GB of conn- 
pressed data on a single cartridge at speeds of up to 50GB per hour (assunn- 
ing 2:1 data connpression). The DAT 160 USB Tape Drive is available with a 
USB 2.0 interface for low-cost universal plug-and-play connectivity in a 
choice of nnodels, including internal (which also fits in the 1 U Rack-Mount kit) 
and external, nnaking it connpatible with virtually any server environnnent. 

• Can store up to 1 60GB on a single cartridge while backing up to 50GB 
per hour or one cartridge in about three hours 

• Two-generation backward-conn patibi I ity with DAT 40 and DAT 72 tape 
drives 

• Low-cost backup solution and ongoing low cost of ownership 

• Universal plug-and-play native USB 2.0 interface 

• Snnall half-height fornn factor and choice of nnodels to fit servers, work- 
stations, and racknnount kits 

Best For: Snnall and nnediunn-sized enterprises requiring cost-effective 
long-life data retention. 

Price: Starts at $729 



(800) 289-6947 
www.hp.conn 




Spectra 
Logic T680 
Tape Library 




The Spectra Logic T680 Tape Library features the ability to store a petabyte of data in a 
single rack space and is expandable up to nnore than 10,000 slots of storage. Designed to 
elinninate backup failures caused by dirty or overused tape nnedia, the T680 supports 
Spectra's BlueScale software to provide a single layer for a nunnber of nnanagennent tasks. 



Sun Microsystems 
StorageTek SL3000 
Modular Library 
System 




The Sun StorageTek SL3000 Modular Library Systenn lets you grow your tape autonnation environnnent at 
your own pace, fronn 200 to nnore than 3,000 cartridge slots. Its open design offers true nnixed nnedia, logical 
and physical partitioning capabilities, advanced nnanagennent, and high-availability features, so you can con- 
solidate nnainfranne and open systenns environnnents while nnininnizing power, space, and operating costs. 



• Supports up to 680 tape cartridges and TranScales to the T950 for nnore than 1 0,000 • Scales fronn 200 to 3,000 cartridge slots 



tape cartridges 


• RealTinne Growth and Capacity on Dennand sinnplify scalability 


• 1 .08PB (connpressed) nnaxinnunn capacity 


• Flexible solution for partitioning, sharing, and nnanaging 


• Supports 1 2 full-height tape drives (with support for up to 24 drives planned) 


• Ennploys technologies designed to sinnplify capacity planning 


• 1 0.4TB/hour (connpressed) throughput with LTO-4 drives and nnedia 


• Supports for both nnainfranne and open systenns 


• Connectivity via nTier disk cache, VTL, Fibre Channel, SCSI, or iSCSI 






Best For: Midrange storage needs. 


Best For: Mediunn-sized businesses to snnall enterprises. 






Price: Starts at $67,990 


Price: Starts at $67,780 




(877) 205-7005 


(800) 786-0404 


www.spectralogic.com 


www.sun.com 
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Save Money 
On Backups 



Solutions For Your SME 



by William Van Winkle 

In the race between plummeting costs per 
terabyte and exploding amounts of data in 
need of storage, the latter perpetually seems 
miles ahead. In 2007, IDC estimated that the 
"digital universe" would grow from 161 
exabytes in 2006 to 988 exabytes in 2010— a 
more than 6X increase in four years. 

Especially for enterprises, which live and 
breathe data, there can seem to be little hope 
of stemming the information flood, much of 
which must be backed up with increasingly 
limited resources. However, although there's 
no way to turn back the tide of data, there 
are ways for organizations to trim backup 
costs and keep from drowning in idle data. 

Less Is Better 

"Backup needs are growing exponentially, 
just as budgets are tightening more than ever, 
prompting the search for backup solutions 
that will reduce costs and simplify storage 
operations," says Mike Ewell, product man- 
ager at HP StorageWorks (www. Compaq 



.com/storage). "A good example of such a 
technology is data deduplication." 

Deduplication scours a network and 
searches for exact repeats of any file. These 
repeats can be removed and replaced with a 
shortcut that points back to a single "real" 
version of the file. For example, imagine a 
10MB presentation attachment emailed to 
every employee; in reality, only one copy 
of that file needs to exist on the LAN. 

There is no one-size-fits-all approach to 
"dedupe" processes, though. Enterprises 
need to consider what areas within the com- 
pany should be deduped, which machine 
types should be deduped, how often the 
process should be done, and which dedupli- 
cation algorithms are most appropriate, 
among other variables. 

Deduplication isn't the only means to 
having less data to back up. In a March 
2009 research paper titled "Backup 
and Recovery Optimization and Cost 
Avoidance," Gartner advises IT managers 
to exclude rich media file formats, includ- 
ing MPS, JPEG, and AVI, unless there is a 



Revinetix RevOS Release 3.2 




NEW PRODUCT 



by Nathan Lake 



Revinetix RevOS 
Release 3.2 

Offers enterprise-class 
features, including 
byte-level replication, 
data deduplication, and 
central administration. 
Ranges from $1,995 to 
$199,500 



A Single Backup Appliance 



Setting up data protection in an 

enterprise can be a tricky proposition, 
especially if you're selecting piecemeal 
products from different suppliers. 
Revinetix offers an affordable, fully inte- 
grated, single appliance and hardware 
system that supports an unlimited num- 
ber of servers and clients. That means no 
additional license fees or renewal fees. 
Revinetix recently released version 3.2 of 
its RevOS, the advanced data protection 
application that powers the Revinetix 
Sentio total disk backup appliance. 

According to Randall Crocker, 
Revinetix vice president of marketing, 
"RevOS Release 3.2 introduces byte- 
level replication to the existing feature 
set. Combined with our data deduplica- 
tion, byte-level replication makes it pos- 
sible for SMEs to implement more effec- 
tive disaster recovery strategies." The 



byte-level replication reduces the amount 
of data needing to be moved across the 
WAN. "Revinetix' technologies free up 
bandwidth by only transmitting changed 
data, down to byte-level, which is partic- 
ularly important to the SME markets that 
struggle with high bandwidth costs." 
With the ability to maintain full replicated 
data between remote facilities, a remote 
office can recover lost data in the event of 
data loss at one office. 

The disk-based appliance is ideal for 
those who want to transition from tape 
backup to a more reliable solution for 
backup, recovery, and archive. RevOS 
provides centralized administration 
through a Web browser. Every major 
operating system is supported, and 
RevOS features Active Directory support 
with agents for Microsoft Exchange and 
SQL servers. 



business need for retaining them. If there is, 
then they should be strictly segregated into 
storage areas where they're appropriate. 

Gartner further advocates trimming out 
operating system files in cases where sys- 
tem images can be quickly reloaded from 
the network. If desktops and laptops can be 
similarly reloaded, then all that really needs 
to be backed up is the My Documents folder 



Key Points 



• Data deduplication methods can help reduce 
backup sets, which might result in a drop in 
storage capacity and management costs. 

• Decreasing the span of time over which a 
restoration point can be kept will help 
reduce overall backup costs. 

• Finding more effective backup strategies 
for client systems that reduce worker 
downtime is another way to lower overall 
backup costs throughout an enterprise. 



C^ev/inetlx 

TOTAL DISK BACKUP 



(866) 956-3782 
www.revinetix.com 



or similar areas where business data will be 
held. Note that few, if any, .TMP or .DMP 
files need to be retained — exclude them. 

About Time 

Compliance regulations such as HIPAA 
and Sarbox continue to mount in the enter- 
prise world. Each market has its own set of 
regulatory policies and requirements for how 
long data must be retained. Disk storage gets 
most of the headlines these days, but for stor- 
age durations measured in decades, many 
enterprises continue to find value in tape. 

"Tape media still remains the best solu- 
tion for meeting enterprise backup needs," 
says HP's Ewell. "It provides the lowest- 
cost solution for storing vast amounts of 
data and can provide protection for up to 30 
years. Therefore, customers should consid- 
er using a disk-to-disk-to-tape solution to 
address both short-term and long-term 
needs. The mindset should be disk and 
tape, not disk or tape." 

That said, tape isn't the last word in long- 
term storage. Russ Conwath, senior research 
analyst at Info-Tech Research, notes that 
"while tape backup still plays a role, there are 
a number of other technologies that may 
prove more efficient and easier to recover 
from. Massive array of idle disks and virtual 
tape libraries are but a couple of alternate 
technologies that may help." 

Cost of entry isn't the only determiner of 
value. Faster recovery times with tape alter- 
natives may outweigh up-front savings 
from tape solutions. Conwath cautions 
managers to watch out for adopting too 
many backup technologies, which often 
proves more expensive to maintain than a 
single consolidated backup solution. 

Whichever technology makes the most 
sense for a given group, enterprises will 
have to decide on an RPO (recovery point 
objective), the maximum time in the past 
from which a recovery can be made. The 
longer the RPO, the higher the overall cost. 
Thus it makes sense that IT managers cre- 
ate a relationship between data's business 
value and its RPO. Most likely, higher- 
value information should be kept longer, 
and backup subsets can be created to 
accommodate this so that not all data is 
being held for the same duration. 

From Desk To Cloud 

There are many options for end-user 
backup across an organization. Enter- 
prises should address the myriad desktops 
and notebooks spread throughout its 
midst. In larger groups, virtualized desk- 
tops tied into SANs can turn terminal 
backup into a snap. 



Many organizations at this point increas- 
ingly turn to the convenience of cloud stor- 
age. In some cases, backup speeds can run 
800MB per hour, which is fine for daily 
incremental saves but can make the initial 
backup of tens of gigabytes a system- 
slowing ordeal. The advantage of cloud stor- 
age is its automation. A small application 
running on the client removes the element of 
end users needing to manually back up their 
data. The weak link with cloud backup, 
though, is restoring, which can take many 
times longer than the full backup and usually 
requires the intercession of IT support. Bare 
metal backup methods, which back up client 
hard drives on a bit-for-bit basis so there's 
no reinstallation of operating systems or 
applications, can be the fastest restoration 
option, but they also tend to require the most 
hands-on interaction from end users. 

Neither of these approaches solves the 
problem of getting a user with a failed 
drive immediately up and running in the 
middle of the night or while on the road. 
This is why solutions from CMS Products 
(7 14/424-5520; www.cmsproducts.com) 
and others are working to provide products 
with almost no user interaction that include 
functions such as the ability to boot directly 
from an internal, external, or network- 
attached backup target. When a laptop user 
can boot straight from an external drive, 
there's no immediate need to involve IT. 

"The Fortune 500 companies we work 
with perform analytics on all their backup 
operations, and storage problems are 
among the top five things they have to deal 
with on a daily basis," says Ken Burke, 
president of CMS. "What these analytics 
show is that companies with 20,000 
employees running around using this sort 
of software to back up their systems are 
realizing millions of dollars saved in the 
reduction of help desk calls." 

Back inside the server room, though, 
cloud-based storage services such as 
e- vaulting offer two big additional benefits: 
reduction of onsite power consumption and 
freeing up of floor space. Depending on the 
organization's environment and usage 
models, these two factors alone could offset 
a large part of the backup service's fees. 



TOP TIPS 



• According to Russ Conwath, senior re- 
search analyst at Info-Tech, failing to 
properly maintain equipment, particularly 
removable media devices, shortens its 
life span, which costs you money and 
exposes you to potential downtime. "Look 
after your backup equipment and it will 
serve you well." 

• Conwath also recommends checking your 
offsite media storage usage and charges 
for cost savings. "Are you being charged 
by the tape for rotation? If so, could you 
affect this by changing or increasing tape 
capacity to rotate less tapes? Are you 
recalling tapes on an urgent, usually pre- 
mium charge, basis often?" 

• Gartner recommends exploiting recent 
backup solution enhancements that in- 
clude the ability to perform incremental 
forever, virtual full, or synthetic full back- 
ups that merge data and consume less 
overall storage in the backup repository. 

• Mike Ewell, product manager at HP Stor- 
ageWorks (www.compaq.com/storage), 
suggests removing duplicate data using a 
technology such as deduplication, which 
"can increase disk utilization by up to 50 
times, significantly reducing storage costs." 
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Data Center 
Access Policies 

Policies & Best Practices Can Vary By Enterprise 
But Have IVIany Common Elements 



by Kurt Marko 
• • • 

Humans are the weakest link in any 
security scheme. Security professionals 
can do their best to protect systems with 
layers of anti-malware, personal and net- 
work firewalls, biometric login authentica- 
tion, and even data encryption, but give a 
good hacker (or computer forensics 
expert) enough time with physical access 
to the hardware, and there's a good chance 
they'll break in. Thus, robust physical 



Key Points 



More stringent laws, regulatory require- 
nnents, and industry standards necessi- 
tate fornnal strategies and policies for 
data center physical security and access 
controls. 

Policies nnust identify who has access 
and where they are allowed, as well as 
restrictions on nnovennents and activities 
within the facility. Access policies and 
physical security practices need to be 
verifiable (by logs and surveillance) and 
auditable. 

For greater security and accountability, 
connputer roonns should be partitioned 
by either equipnnent function (server 
racks, network control, facilities) or sys- 
tenn sensitivity or criticality (high securi- 
ty/high availability vs. nnininnunn securi- 
ty/non-critical). 



access controls and policies are critical 
elements of any comprehensive IT securi- 
ty strategy. 

According to a report by the SANS 
Institute, "IT security and physical securi- 
ty are no longer security silos in the IT 
environment; they are and must be consid- 
ered one and the same or, as it should be 
called, overall security." 



policy is to make it clear 'this is how we 
do things here.'" 

After setting expectations and behav- 
ioral ground rules, actual data center 
access policies have several common 
elements. The most essential are defini- 
tions of various access levels and proce- 
dures for authenticating individuals in 
each group and their associated privi- 
leges and responsibilities when in the 
data center. 

A policy template developed by Info- 
Tech Research Lead Analyst Darin Stahl 
calls for a simple distinction between 
employees, contractors, and visitors. A 
more granular refinement, which Stahl 
prefers and sees becoming increasingly 
common, is a categorization between 
employees with unfettered, unescorted 
access to the entire data center; those 
who have uncontrolled access to certain 
portions (such as a server room or cage 
of racks within the room vs. the network 
control center); and those requiring 
escorts. 

Although older data centers typically 
just consisted of a large, unpartitioned 
raised-floor area, Stahl says newer enter- 
prise facilities have taken a page from ISP 
designs by dividing the space into various 
zones — for example, a cage for high- 
availability servers, another area for Tier 
2 or 3 systems, a dedicated network con- 
trol room, and even separate areas for 
facilities infrastructure such as PDUs and 
chillers. Such partitioned data centers pro- 
vide control points for denying access to 
personnel with no responsibility for 
equipment that's in them. 

Identification Procedures 

The next step in a physical security poli- 
cy is to set up controls and identification 
procedures for authenticating data center 
users and granting them physical access. 
Although biometric scanners look flashy 



Access levels and controls, 
with identification, monitoring, 
and logging, form the foundation 
of an access policy. 



It is the innermost layer — physical 
entry to computer rooms — over which IT 
managers typically have responsibility, 
and the means to effective control over 
human access focuses on a set of poli- 
cies, procedures, and enforcement mech- 
anisms. 

Policy Basics 

Given their importance and ramifica- 
tions on employees, access policies must 
come from the top leadership. According 
to Kevin Beaver, independent consultant 
at Principle Logic, "The essence of a good 



in the movies and certainly provide an 
added measure of security, Stahl says a 
magnetic stripe badge reader is still the 
most common entry technology, as it's 
simple, cheap, and effective and allows 
automated logging, which is a necessary 
audit trail. 

One problem with mag readers, ac- 
cording to Stahl, is their susceptibility to 
tailgating, or allowing unauthorized per- 
sonnel to trail a colleague through an 
entry way. That's why Stahl advises sup- 
plementing doors and locks with record- 
ed video surveillance. 



Peter Sacco, president of PTS Data 
Center Solutions (www.ptsdcs.com), also 
likes to add a form of two-factor authen- 
tication to entry points by coupling a card 
reader ("something you have") with a 
PIN pad ("something you know"), which 
reduces the risks of lost cards. Like Stahl, 
Sacco recommends using time-stamped 
video surveillance in conjunction with 
electronic access logs, but he also sug- 
gests adding a sign-in sheet to provide a 
paper trail. 

Access levels and controls, with identi- 
fication, monitoring, and logging, form the 
foundation of an access policy. But two 
other major policy elements are standards 
of conduct and behavior inside the data 
center (such as prohibitions on food and 
beverages or tampering with unauthorized 
equipment) and limitations and controls on 
the admission of personal electronics such 
as USB thumb drives, laptops, smart- 
phones, or cameras. 

Policies should also incorporate pro- 
cesses for granting access or elevating 
restriction levels, an exception process 
for unusual situations, sanctions for poli- 
cy violations, and standards for reviewing 
and auditing policy compliance. Stahl 
cautions that penalties for noncompliance 
will vary from company to company 
because they must reflect each enter- 
prise's specific risk tolerance, corporate 
culture, local employment laws, and 
union contracts. 

Relevant Regulations & Standards 

An overriding issue for IT managers 
designing access controls, Stahl says, is 
"understanding just what regulations or 
compliance requirements you face." Yet 
these have become so prevalent that IT 
managers need not start with a blank 
slate when designing a set of policies. 
For example, section 9 of ISO/IEC 
27002:2005 includes guidelines on securi- 
ty perimeters, entry controls, and work 
rules. "The ISO/IEC 27002:2005 standard 
is the one that I recommend," says Beaver. 

The PCI DSS (Payment Card Industry 
Data Security Standard) also includes a 
lengthy section (also section 9) on physi- 
cal security, which, Stahl says, is a "very 
practical, tactical, and actionable" start- 
ing point that meets at least 80% of most 
enterprise needs. One nice feature of the 
PCI DSS is that, in addition to outlining 
specific requirements, it adds corre- 
sponding testing and auditing proce- 
dures. Stahl says that any enterprise 
could use PCI as a baseline, augmen- 
ting it as needed to meet business- 
specific requirements. 

The ability to test and validate access 
policy compliance is important, and 
Stahl recommends integrating physical 
security audits with existing IT audit 
processes. "Auditors can be your friend," 
he says, noting that independent third 
parties are the best way to establish poli- 
cy compliance. 



Suggested Elements 
Of A Data Center 
Access Policy 

IT security is as much about physical 
security as it is about network and appli- 
cation security. Controlling physical 
access to the enterprise data center is 
critical in protecting the data and informa- 
tion contained inside. 

Info-Tech has developed a set of 
requirements and procedures based on 
industry-standard best practices that can 
be customized to better suit specific 
company needs. 

Levels Of Access 

Authorized access. The data center is 
physically secured by a card-reader door 
lock and monitored 24/7 by building secu- 
rity. Additionally, recorded video surveil- 
lance is conducted through the security 
cameras placed within the server room. 
Card-reader access is available to the 
server room on a 24/7 basis for autho- 
rized employees. A listing of currently 
authorized staff is kept in a Data Center 
Access List. 

Vendor access. A listing of currently 
approved vendors is kept in the Approved 
Vendor Access List. All included vendors 
have been authorized for access based on 
job-related need. The need for continued 
authorization will be reviewed no less than 
quarterly. While onsite, vendors must wear 
their identification badges at all times. 
Vendors with approved access to the data 
center are required to identify themselves 
and sign in/out of the data center using the 
Site Access Log. 

Visitor/guest access. In general, casual 
visits and/or tours of the data center are 
not allowed. However, approval of a tour 
or casual visit may be granted. Requests 
for a visit or tour of the data center must 
be preapproved by the VP Finance. ID 
and sign-in requirements as for vendors; 
also, visitors must be escorted at all 
times. 

Conduct In The Data Center 

In order to maintain a secure, safe envi- 
ronment, it is mandatory for all persons 
working within (and visiting) the data cen- 
ter to adhere to a set of rules covering 
use of camera, mobile phones, other elec- 
tronic equipment, food and drink, and 
general behavior. 

Monitoring & Audit 

Data center access is controlled and moni- 
tored by various subsystems (reader door 
lock system, video surveillance cameras, 
etc.) that produce access records. All data 
center access records are subject to reten- 
tion requirements and auditing. 

Source: "Info-Tech Research Document 
Template"; July 2009. 



Although PCI, SAS, ISO, and various 
templates such as Info-Tech's can pro- 
vide general guidelines. Beaver feels 
that, ultimately, access policy must 
reflect situations unique to each busi- 
ness. "The best advice I can give is to 
find out where you're weak first," he 
says. "Putting policies and procedures in 
place without first understanding what 
you're up against is simply going 
through the motions and is not sustain- 
able long term." 
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Microsoft Security 
Intelligence Report 
Sliows This Year's 
Tlireats & Trends 

A recent security report released by Microsoft 
states that of all the potential threats on the 
Internet, worms and phishing attacks are the 
most prevalent. 

Published twice a year, the seventh volume 
of Microsoft's Security Intelligence Report 
examines malicious and potentially unwanted 
software and security breaches. Data was col- 
lected from more than 450 million Windows- 
based computers worldwide, and the results 
cover trends from January through June 2009. 

Trojans remained the most prevalent threat to 
computers, with Win32/FakeXPA being the 
most common family. This category includes 
rogue security software— malicious programs 
that pose as an antivirus or antispyware appli- 
cation and trick a user into downloading them. 
In Microsoft's previous Security Intelligence 
Report, which covered July to December 
2008, these were at the forefront of security 
threats, and in volume seven, Microsoft states 
that they are still a major threat. 

Increased Threats 

The report shows that worm infections are 
becoming more common, as well. The num- 
ber of infections rose from fifth place in the 
second half of 2008 to second place in the 
first half of 2009, with enterprise environ- 
ments being more likely than home environ- 
ments to encounter them. The biggest threat 
to enterprises in the first half of 2009 was the 
Conficker worm. 

Microsoft also reports that phishing attacks 
are on the rise, mainly due to an increase in 
attacks targeting social networking sites in 
the first half of 2009. Overall, the types of 
sites targeted by phishing attacks varied 
more than in the past and included gaming 
sites, portals, and large corporations' Web 
sites. More specifically, the number of phish- 
ing impressions, or how many times users 
clicked through to reach a phishing site, near- 
ly quadrupled since the second half of 2008, 
due partially to a campaign that targeted 
social networking sites. 

Other trends discussed in the report include 
malicious and potentially unwanted software, 
operating system trends, email threats, 
browser-based exploits, and SQL injection 
attacks. A full version of the report can be 
found on Microsoft's Web site. 

by Kris Glaser Brambila 
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FEATURED PRODUCT 



Mobile Device 
Protection 

Encryptx's DeviceDefender Encrypts & Defends 
The Valuable Data On Removable Devices 



by Robyn Weisman 

Encryption is reaching a tipping point 
in the IT world. Although stories of stolen 
laptops holding anywhere between a few 
hundred and a few hundred thousand 
Social Security numbers have hit the 
media, solutions to stop such incidents 
have not gotten the same coverage, per- 
haps because relatively few solutions exist 
that can prevent such nightmares from 
happening. Without such solutions, the 
only way an SME can avoid a similar cat- 
astrophe is to seal off USB ports on em- 
ployee PCs and create strict policies that 
are often difficult to enforce. 

Increasingly, however, encryption solu- 
tions are arriving in time to help SMEs deal 
with this pernicious and pervasive problem. 
Broomfield, Colo., -based security solutions 
provider Encryptx (www.encryptx.com) 
offers a particularly appealing solution 
called DeviceDefender that IT departments 
can install on PCs, servers, or both. 



DeviceDefender 
Features 

• Autonnatic protection of all types of 
rennovable nnedia 

• Access control fronn the user PC 

• Access to secured files on network drives 
and backup devices 

• Autonnatic installation of a portable 
encrypt/decrypt client if a particular device 
doesn't support hardware encryption 

• Central management tracking through 
the Security Server Console, with a 
complete audit trail of access to 
secured content and management 

of user/device/media identities 



Encryptx founder David Duncan spent 
most of the 1980s and 1990s working on 
trusted networks for such agencies as the 
U.S. Department of Defense, U.S. Army, 
U.S. Air Force, and FEMA. In 1999, 
Duncan founded Encryptx, leveraging his 
knowledge of how to best protect critical 
data that is transported on removable 
devices in a complete and cohesive fash- 
ion, explains Phil Velella, vice president 
of worldwide sales at Encryptx. And 
DeviceDefender provides data center man- 
agers with unparalleled encryption capa- 
bilities for portable devices of all kinds, 
along with easy-to-use yet powerful ad- 
ministrative tools. 

A Comprehensive Removable Device 
Security Solution 

Velella describes DeviceDefender as a 
comprehensive removable device security 
solution that has three key features: remov- 
able device security, removable device con- 
trol, and removable device management. 



DeviceDefender can automatically detect 
and transparently encrypt any type of 
removable device, such as memory cards, 
USB thumb drives, smartphones, and 
iPods, among other items, says Velella. 

In addition, Velella says that Device- 
Defender allows users to apply certain 
actions and set specific policies and that 



purpose of it is to detect any removable 
devices used on the PC or server," he says. 

Rich forensic capabilities are built into 
DeviceDefender that make it easy for IT to 
define how long a user can access a given 
device. "If they use it for too long, they 
must reauthenticate, and if a user is 
deemed untrusted, whether or not they 




C O R P O R 



these actions and policies may be automat- 
ed. "Those policies could be things like, 
'Allow this device through and automati- 
cally encrypt it,' 'Block this device and 
prevent it from connecting to the net- 
work,' or 'Set device as read only,' where 
the device can connect and access the 
files, but cannot copy files from the net- 
work onto that device," Velella says. 

DeviceDefender' s removable device 
management capabilities complete the solu- 
tion. According to Velella, DeviceDefender 
gives data center managers the ability to 
audit, track, provision, and remotely control 
the devices that make up the network. 

Comes In Two Flavors 

DeviceDefender is a software-based 
solution that comes in both a PC client and 
a server client. For complete coverage, 
data center managers would be best served 
by putting the PC client on every PC and 
the server client on one or two servers. 

By installing DeviceDefender on all 
client PCs, data center managers can ensure 
that whenever a removable device is con- 
nected to a company's PC, that device will 
be obliged to follow whatever policies and 
actions that you have set up. The PC client 
version of DeviceDefender will automati- 
cally encrypt up to 20 removable devices 
and 250 CDs or DVDs annually, while 
allowing users to set up and manage an 
unlimited number of actions or policies. 

"The PC version keeps track of devices 
it encrypts, and at end of one year, opens 
up that slot to allow users to automatically 
encrypt more," says Velella. 

The server version of DeviceDefender 
allows users to encrypt as many as 250 
removable USB devices and 1,500 CDs 
and DVDs per license per year. Both ver- 
sions offer the same government-grade, 
256-bit AES encryption. 

Admin-Friendly Automation 

According to Velella, DeviceDefender 
is very easy to use and manage from both 
the user and IT level. "DeviceDefender is 
dummy-proof [and] is designed to be 
transparent and automatic [rather than] 
administrative level," Velella says. 

Velella explains that a kernel-level filter 
driver is loaded onto the PC or server 
when DeviceDefender is installed. "The 



have the correct password, their access can 
still be revoked so that they have zero 
access to files," says Velella. 

Not Tied To Any Device 

Unlike many of its competitors, Device- 
Defender is not tied to a specific device. 
"The focus of DeviceDefender is to cover 
the whole spectrum," says Velella. "We 
don't sell you a flash drive or [other] remov- 
able device specific to our solution. Not only 
can you encrypt a wide range of devices, 
DeviceDefender also supports a wide range 
of vendors so that you can create actions or 
policies by vendor, as well," he says. 

Velella says that DeviceDefender is 
designed to give organizations investment 
protection as well as a comprehensive and 
far-reaching security solution, taking into 
account the vast complexities and differ- 
ences in today's networks. 

"We have encountered a number of cus- 
tomers [for whom we] provide encryption 
that continue to use all of their devices, as 
opposed to looking at some vendors where 
they would have to replace all those devices 
and hand out only specific ones" that match 
up with competing solutions, Velella says. 
"DeviceDefender does not interrupt opera- 
tions per se. It is cost-effective, as well as 
being full-featured and powerful." 

Encryptx DeviceDefender 



(888) 431-4550 
www.encryptx.com 

Description: A software-based solution that 
allows users to automatically encrypt a variety 
of removable media and devices and enables 
admins to set up granular actions and policies 
for the management and encryption of media 
and devices that access the network. 

Interesting Fact: Encryptx's founder David 
Duncan originally was a cryptologist at the 
NSA (National Security Administration), 
working on highly classified government 
computer systems, says Phil Velella, vice 
president of worldwide sales at Encryptx. 
"Encryptx was founded based on the work 
David did designing and validating these 
systems," says Velella. 
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SIX QUICK TIPS 



Dealing With Lost 
Or Stolen Notebooks 

Data Protection Is Job One When Notebooks Are Missing In Action 



by Bruce Gain 

The average business notebook packs 
more computing power and storage capac- 
ity than the typical high-end desktop did 
just a few years ago, making it easier for 
users to carry most of their work with 
them wherever they go. The utility that 
notebooks offer is demonstrated by their 
wide- scale adoption — in the United States, 
analyst firm IDC expects the portable PC 
market to total 39.5 million units in 2009, 
compared to desktop PC sales of 26.6 mil- 
lion units. 

For the admin, the downside of note- 
books' popularity is that there is also an 
explosion of vulnerable data beyond the 
firewall that all-too-often gets separated 
from the laptops' owners — data that may 
not be adequately protected. The potential 
damage is obvious, with high-profile cases 
making headlines when executives lose 
their laptops, resulting in security night- 
mares. For the small to medium-sized 
enterprise, an executive on the road can 

When a laptop 
goes missing, a 
main concern is 
to be able to 
resume work as 
^ soon as possible. 

easily carry a hornet's nest of confidential 
files, photos, records, presentations, and 
access privileges to the enterprise's server. 
Besides the regulatory and compliance 
issues involved, a data thief could do a lot 
of damage with any of this data. 

However, admins can proactively take 
action to offset the costs and security risks 
associated with lost and stolen notebooks. 
Here are steps you can take now to lessen 
the pain, whether a user' s laptop is lost or 
winds up in the hands of thieves. 

Lock 'Em Down 

Suppose the CFO's laptop was stolen as 
she was on her way to give a presentation 
to a group of venture capital investors 
interested in buying a stake in the compa- 
ny. On the hard drive are details about the 



company's finances, future plans, and 
even payroll information with private 
employee data. A thief could wreak havoc 
on the company with such information; 
however, if the data was locked down 
tightly with encryption, a thief would be 
unable to use it to his advantage. Instead 
of a major security risk, a locked-down 
laptop is merely worth what its spare parts 
can bring on the black market. 

"If a laptop is lost or stolen, you can be 
pretty sure that no data on it can be 
recovered [if it is adequately encrypted]," 
says Jamie Riden, a member of UK 
Honeynet Project (www.honeynet.org) 
and an independent security researcher. 
"Of course, it never hurts to get the user 
to change their passwords, but it's proba- 
bly not essential with strong encryption 
of the disk contents." 

Riden says he also recommends strong 
encryption for USB media and any other 
portable devices. 

Know The Law 

Notebooks are used outside of the enter- 
prise, which means that they could be lost 
or stolen in states or countries with very 
different laws and procedures to follow 
when reporting a lost system to the author- 
ities. The protocols involved with report- 
ing a lost or stolen enterprise notebook in 
Kansas, for example, may be different 
from those in New York City. 

At the same time, compliance proce- 
dures associated with lost laptops vary 
according to the rule of laws and regula- 
tions in a particular state or country in 
which an enterprise is based. 

"Data breach penalties and disclosure 
requirements vary by country and even 
by U.S. state," says George Ferguson, 
a product marketing manager at HP. 
"[However], uniform U.S. -level legisla- 
tion governing data breaches is now under 
consideration by the U.S. Congress." 

In Europe, for example, compliance pro- 
tocols are more relaxed in some ways but 
are stricter in other areas compared to the 
United States. "In general, the United 
States is ahead of the EU in data breach 
requirements, while the EU is ahead of the 
United States in data privacy require- 
ments," Ferguson says. "This being said, 
Europe is beginning to catch up in the data 
breach area." 

The Power Of Backups 

When a laptop goes missing, a main 
concern for the user is to be able to 



BONUS TIPS 



■ Track and wipe stolen 

laptops. Software products 
exist that not only allow you to 
track a stolen laptop, but to 
remotely wipe out the data, as 
well, says Rob Enderle, prin- 
cipal analyst for the Enderle 
Group. Software that does 
this is "generally the best 



regarded of the offerings" and 
is "well worth the money," 
Enderle says. 

■ Take control for the 

users. Users are not sup- 
posed to be security experts, 
so it is up to the admin to 
take measures to mitigate 



damage when and if laptops 
are lost or stolen. "Users 
cannot be depended upon to 
police the sensitive data on 
their own systems," says 
John Girard, an analyst for 
Gartner. "Protection needs to 
be automatic." 



Best Tip: 

Recovery Is Not Enough 

Protecting data if a laptop gets into the 
wrong hands is crucial, even if your enter- 
prise is able to successfully recover the 
system, says John Girard, an analyst for 
Gartner. It is critical to realize that the data, 
as opposed to the laptop itself, poses the 
most significant security risks. "Bear in 
mind that the requirements for data protec- 
tion are not satisfied simply by recovery of 
the laptop," Girard says. "The sensitive 
information must be protected from unau- 
thorized access." 

Most Practical Tip: 

Know What Data 
Is Out There 

Information such as customer data that is 
on a stolen laptop will require specific com- 
pliance procedures depending on the enter- 
prise's location. Conversely, a notebook 
that is lost with data that poses no security 
risks is of less importance. But to determine 
what data has been lost requires knowing 
what is stored on the notebook in the first 
place. "Assess what the thief has and pro- 
tect against them from using it against you," 
says Rob Enderle, principal analyst for the 
Enderle Group. 



resume work as soon as possible. This is 
why regular backups are important, 
because they can make it possible to 
quickly recover the same data and appli- 
cations on another machine. 

"Laptops should be backed up regularly. 
If a device is lost or stolen, a working 
image can be quickly restored," says John 
Girard, an analyst for Gartner. "This is 
important not only for productivity, but 
also to verify what was on the device 
when it disappeared." 

Encourage Employee Awareness 

There are organized rings of criminals 
whose mission is to steal laptops, as well 
as other valuable electronic devices, at 
places where business travelers frequent 
such as at airports and train stations. It is 
thus important for users to be aware and 
vigilant when traveling. 

"Folks really need to think about how 
to keep a laptop from being stolen in the 
first place," says Rob Enderle, principal 
analyst for the Enderle Group. "Don't 
leave them in plain sight in cars or hotel 
rooms, don't leave them on chairs or 
tables when you go to get a drink or go to 
the bathroom unless they are being 

I watched by someone, and put them 
through the security station at an airport 
first, not last, so you are less likely to run 
off before it comes down the belt. In addi- 
tion, a sticker that says the laptop is pro- 
tected in some fashion could push a thief 

I into taking another product." 




I Microsoft Co-founder 
Diagnosed With Cancer 

Paul Allen, co-founder of Microsoft, is current- 
ly undergoing treatment for non-Hodgkin's 
Lymphoma. The billionaire was diagnosed 
with the disease in early November. Allen 
is listed as one of the 20 richest Americans 
in Forbes magazine and has accomplished 
much during his career. He co-founded Mi- 
crosoft with friend Bill Gates in 1975 and left 
in 1983 when his health worsened during his 
first fight with cancer. Allen survived the rarer 
Hodgkin's Lymphoma more than 25 years 
ago. According to Allen's sister, Jody Allen, 
who is also the CEO of his Vulcan investment 
company, Paul Allen is optimistic and remains 
upbeat about the treatment. 

I Processor 
Shipments 
Take IVIajor 
Upswing 

In a somewhat 
surprising turn, 
IDC reported 
that global 
third-quarter 
semiconductor ship- 
ments rose 23% from the previous quarter, 
marking all-time-record levels for one quar- 
ter. According to an IDC release, the 
increase is "approximately double the nor- 
mal growth in unit shipments for the same 
period." Leading the growth was a 35.7% 
increase in processor shipments for mobile 
PCs, including mininotebooks and netbooks 
using Intel Atom-based chips. Shipments of 
desktop PC chips, meanwhile, climbed 
1 1 .4% for the quarter, while shipments of 
x86 server chips were up 12.2%. IDC's 
Shane Rau says the rise in shipments was 
offset by market revenue that grew by just 
14.1% quarter-over-quarter, due partially to 
the low average selling price of systems 
using Atom processors. Among manufactur- 
ers, Intel claimed an 81 . 1 % share of ship- 
ments (+2.2%) followed by AMD at 18.7% 
(-2%) and VIA Technologies (+0.2%). "Most 
meaningful about 3Q09 is that, since PC 
processor shipments overall just slightly 
exceeded shipments in 3Q08— which was 
itself a record quarter at the time— we know 
that the processor market is recovering," 
Rau says. 

I Google Acquires 
Internet Telephony Company 

Google acquired Internet telephony company 
Gizmo5, which provides Internet-based call- 
ing software for mobile phones and comput- 
ers. Google did not announce any specific 
intentions for Gizmo5 but did say that the 
company's engineers would join the Google 
Voice team and "continue improving the 
Google Voice and Gizmo5 experience." 
Although current Gizmo5 users will continue 
to have access to service, Google has 
stopped taking new Gizmo5 signups, and 
current users won't be able to sign up for call- 
in numbers. Gizmo5 uses the open SIP stan- 
dard to provide its service. Skype, which uses 
proprietary technology, had reportedly been 
considering purchasing Gizmo5. 

I Terremark Acquires DS3 

Terremark Worldwide, a provider of managed 
IT infrastructure services, recently bought 
DS3 DataVaulting, a storage-as-a-service 
provider, for $1 1 .2 million. The acquisition, 
done in part to improve its storage backup 
service, makes DS3 the Backup division of 
Terremark and brings a partnership with 
Asigra to Terremark's table, giving Terremark 
multiple options for how it offers its services. 
DS3 also brings VMware and disaster recov- 
ery expertise to Terremark, in addition to ser- 
vices that will help Terremark develop cloud 
computing solutions. 
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I Web App Security Falls Flat 

Users are experiencing more flaws in the Web 
applications they use, according to the latest 
report from Web security firm Cenzic. About 
80% of the 3,000 software security bugs 
reported this year all have one thing in com- 
mon: They exist in Web-based sources, such 
as Web servers, Web applications, Web plug- 
ins, and Web browsers. Last year, about 10% 
fewer flaws were reported during the same 
period. The firm blames security flaws in the 
Web application layer for Web-born data theft, 
malware infections, and data breaches. Cen- 
zic also found that about 90% of the vulnera- 
bilities existed in sloppily coded commercial 
software, which Cenzic interprets is the result 
of a greater emphasis being placed on get- 
ting software out as quickly as possible as 
opposed to making sure it is secure first. 

I Pioneer Files Patent Suit 
Against Garmin 

Pioneer in Japan has filed a lawsuit against 
rival company Garmin. Pioneer claims the 
navigation system maker has violated three 
of its patents. The complaint follows failed 
negotiations between the two companies to 
license the patents. Pioneer is asking the 
U.S. International Trade Commission to ban 
Garmin from shipping several of its products 
to the United States. The patents in question 
cover multiple aspects of a car navigation sys- 
tem, including the option to have the system 
automatically delete trip information after 
nearing a destination. Pioneer says legal 
action is necessary in order to protect its intel- 
lectual property. Garmin disputes the claims, 
stating that there has been no infringement 
and the patents are not valid. Pioneer also 
filed a complaint against Garmin in the District 
Court of Dusseldorf in Germany claiming the 
company violated two Pioneer patents. 




I Blng Shows Largest Gain 
In IVIarket Share 

The latest numbers from market research 
firm Hitwise are out, showing that Microsoft's 
Bing experienced the largest percentage 
increase in market share of the major search 
engines, moving from 8.96% to 9.57% of U.S. 
searches for the four weeks ending Oct. 31 . 
This amounted to a 7% uptick. By contrast, 
rival Google's share dropped from 71 .08% to 
70.6%, and Yahool's share declined 1% to 
16.14%. Ask.com improved slightly, moving 
up to 2.62% from 2.56%. 

I Mobile Phone Frustrations 

According to a Qualcomm's Xiam Technol- 
ogies subsidiary, smartphone users have a 
number of gripes. The results of Xiam's study 
of 2,600 mobile content users show that a 
majority of them find their phones' search 
capabilities lacking, resulting in an inability to 
find what they want. Other complaints include 
slow page loads, the need to click through too 
many pages, and having to scroll through too 
much irrelevant content to find the content they 
want. But it's not all bad news; the study also 
found that most users are willing to spend 
more time accessing and purchasing content if 
it's easier to get to. The study also determined 
that mobile phone users in the United States 
put a lot of stock in email and QWERTY key- 
board features, compared to UK mobile phone 
users, who favor the looks of phones and the 
entertainment capabilities. 
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SIX QUICK TIPS 



Choosing An 
Outsourced 
Service Provider 

Sift Through The Clutter 

To Find A Provider That's Right For You 



by Drew Robb 
• • • 

Type "Outsourced IT" into Yahoo!, 
and you get almost 1 million hits. Make it 
"Outsourced IT Service Provider," and 
you narrow it down to more than 800. 
That's still an awful lot of links to sift 
through, and you may not find the services 
you need. In addition, there are plenty of 
fly-by-night outfits that will take your 
money and then not deliver the goods. So 
what should you look for in a provider? 

Think Business First 

Many SMEs focus on the technology 
or service they need during the selection 
process. Although this is certainly im- 
portant, the business side of the equation 
deserves even more priority, according 
to Mike Karp, an analyst at Infrastruc- 
ture Analytics. 

"It's important to remember that choos- 
ing a service provider must always be a 
business and not a technology decision," 
says Karp. 

Does the provider offer the services you 
need at a price that is competitive with 
what it would cost to perform the same 
functions in-house? Does offloading a 
particular IT function free up existing 
resources that could be more effectively 
applied elsewhere? Does the provider 
offer an essential service — e-discovery, 
perhaps, or some other compliance-related 
service — that would be too expensive to 
acquire internally? And will the candidate 
deliver in a manner that is consistent with 
the company's own internal rules of gov- 
ernance? Answering these questions will 
help narrow the field. 

Be Specific 

A common practice is to develop gener- 
ic vendor selection guidelines that don't 
really get to the heart of the matter. 
Further, such documents tend to favor the 
larger "we do it all" giants. Why? Such 
firms are skilled at marketing their ser- 
vices and gaining approval. However, they 



sometimes take on work outside of their 
comfort zones and then develop the talent 
they need to pull it off. The downside is 
that you are paying for their learning curve 
in new areas. The same issue can also crop 
up with smaller firms trying to play out- 
side of their league. 

"Companies should select providers 
based on their ability to deliver in a specif- 
ically defined project and screen providers 
based on those requirements," says 
Michael Friedland, executive vice presi- 
dent of Luxoft (www.luxoft.com). 

He also makes the point that real-world 
experience is gold when it comes to out- 
sourcing, so don't rely on promises that a 
company can deliver or responses to gen- 
eralized guidelines. Look into actual pro- 
ject experience and ask for lists of contacts 
at clients that received services similar to 
those being requested. Even if the compa- 
ny hasn't done the exact work you are 
demanding, check out their results in relat- 
ed fields and the skill sets on tap to gener- 
ate success. 

Put Rates In The Blender 

Friedland cautions SMEs that rate cards 
can be deceiving. Any price list is merely 
a declaration, which lists a number of 
people involved in the project, their 
seniority, their hourly rates, an estimated 
number of hours to be billed, and a pro- 
jected overall budget. However, this is 
quite different from what could be termed 
effective or blended rates, which it is best 
to calculate retroactively. 

"Effective rates are calculated at the end 
of the project, when you can evaluate the 
scope and what was achieved against the 
number of people and the rates charged," 
says Friedland. "If a provider has experi- 
ence [and] quality people and knows the 
job, then blended rates will be lower." 

The achievement of a good blended 
rate is built on multiple elements, such as 
hierarchy of delivery team structure, ven- 
dor effectiveness, and project overhead 
costs. So how can you ascertain blended 



BONUS TIPS 



■ Check schedule compati- 
bility. In today's global mar- 
ketplace, service providers 
can be anywhere in the world. 
But can the vendor work with 
your organization at a prede- 
termined schedule and main- 
tain that for the duration of the 
project? Verify that before you 
start, or else begin on a small 
scale to test the waters, says 
Doron Eskinazi, president of 
Professional Software Devel- 
opment Corporation (www 



.psdc.net). Otherwise, the 
company schedule can be 
heavily disrupted because of 
scheduling conflicts. This can 
even go so far as to interrupt 
normal tasks, thereby inhibit- 
ing day-to-day productivity. 

■ Demand responsiveness. 

Fast response also plays a 
part in the selection process, 
says Sabine Waterkamp, 
president of outsourced IT 
support provider ACSLA 



(www.acsla.com). Is the 
outsourcer easily reachable 
and can they arrive onsite or 
otherwise respond in an 
acceptable timeframe? If 
not, all the technical skills 
in the world will be of little 
avail. Although the quality 
of the work might approach 
perfection, if you can't reach 
them in a timely manner and 
can't ever maintain a timeline, 
find someone else. 



Best Return On Investment: 

Cheap Can 
Be Expensive 

According to Doron Eskinazi, president of 
Professional Software Development Cor- 
poration (www.psdc.net), it's easy to be 
blinded by cheap rates. Low-cost vendors 
are everywhere these days, so look behind 
the numbers by checking the performance 
of vendors you are considering. Pay close 
attention to delivery time and quality of 
product, he adds. 

To achieve maximum ROI, "Prepare very 
detailed requirements and a project plan," 
says Eskinazi. "Then keep the project mov- 
ing along by maintaining close communica- 
tion with the vendor." A good vehicle for this 
is to conduct regular demonstrations of work 
progress. Alternatively, schedule reviews 
where results can be monitored and issues 
ironed out. 

Simplest Tip: 

Deternnlne If 
Outsourcing Is Really 
Necessary 

Andrew Chalmers, CEO of Ballard Chal- 
mers (www.ballardchalmers.com), chal- 
lenges companies to really look at whether 
the service can be done better by an out- 
sourced service provider than in-house, or 
is it just an easy option? 

"Be the devil's advocate, as the fact is that 
the outsource service will very quickly be- 
come 'part of the family' and settle into a 
routine with you," says Chalmers. "With a 
longer-term contract in place, you can poten- 
tially lose that customer/supplier relationship 
that maintains service levels." 

The provider should be able to show true 
value in terms of cost savings and im- 
proved service through taking away inter- 
nal hassle. Further, it has to demonstrate 
a commitment to maintaining that level of 
savings and service. Otherwise, it can all 
become routine and not be thoroughly 
challenged again. So a review mechanism 
needs to be in place to regularly verify 
whether you really should be outsourcing. 



rates for a project that hasn't taken place 
yet? The trick is to check with recent 
clients as to how satisfied they were with 
the project and how costs worked out 
compared to the initial budget and pro- 
jected rates. 

The Great Communicator 

One heavily undervalued factor is 
communication, which can make or 
break almost any outsourcing engage- 
ment. The outsourcer has to maintain 
good communication with the customer, 
must be able to listen, and must also 
quickly understand needs. 

Further, don't make the mistake of 
evaluating the communication skills 
based on the initial contact. The first 
person you work with might be wonder- 
ful to deal with, but once the project is 
off and running, you might never see or 
hear from that person again. Therefore, 
insist that those who will manage and 
carry out the project work are part of the 
initial discussions. 
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FEATURED COMPANY 

Automation 
In The Cloud 

SoftLayer Aims To Make IT'S Job Easier 
With Its Cloud Computing Offerings 



by William Van Winkle 
• • • 

When Nathan Day, CTO of SoftLayer, 
turned 41, it was two days after Halloween 
and right in the midst of post-holiday 
clearance sales. He arrived at work to find 
his office so covered in spooky cobwebs 
that he literally had to cut a path to his 
desk with a pair of scissors. 

It's a visual that seems to sum up Day's 
job: His mission is to cut away the mess 



that normally confounds enterprises that 
need to scale their computing. SoftLayer' s 
mission is to automate anything and 
everything possible in IT services — from 
accounting and billing to provision- 
ing, ongoing support, and management of 
the infrastructure. 

Point & Click Scaling 

Experienced IT managers know the tra- 
ditionally weeks-long time necessary to 
configure, order, receive, provision, and 
burn in a new server. Time and workflow 
issues aside, the simple costs tied to this 
process are a considerable IT expense. 
With SoftLayer, acquiring a new server 
boils down to configuring it in a Web- 
based UI, waiting about two hours for 
provisioning within SoftLayer' s data cen- 
ters, and then the system (whether dedi- 
cated and physical or shared and virtual) 
is ready to start receiving applications 
and running. 

A Selection Of 
SoftLayer Solutions 

CloudLayer Computing 

Public, private, or bare-nnetal cloud connput- 
ing instances that let SMEs nnassively scale 
their connputing abilities within nninutes. 



CloudLayer CDN 

Content delivery network solution that dis- 
tributes content quickly and easily, reducing 
latency and traffic janns. 



CloudLayer Storage 

A secure, cloud-based storage systenn 
that ensures fast access to stored data 
fronn a variety of devices, including PCs, 
BlackBerrys, and iPhones. 



"We're focused on taking people out of 
every data center operation that they could 
possibly do," says George Karidis, Soft- 
Layer's chief strategy officer. "We're con- 
stantly trying to make it all as automated 
as possible. That leads to very streamlined 
and efficient delivery of IT services to 
data center environments." 

SoftLayer runs more than 21,000 
servers across three centers located in 
Seattle, Dallas, and Washington, D.C. 



Bonded by load balancing and 290Gbps of 
connectivity, these resources are suitable 
for Fortune 50 operations, but Karidis 
emphasizes that the same infrastructure 
and resources apply to small companies 
simply trying to pull their servers out of a 
closet and into a space with enterprise-cal- 
iber security, power, and redundancy. 
Moreover, pushing server costs out into 
remote facilities also turns the IT expense 
from a capital expenditure into an opera- 
tional one. It also alleviates the need to 
worry about periodic hardware refreshes 
and the legion of headaches that accompa- 
ny server migration. 

"We make it easy for companies to get 
their computing online, without managing 
power and all the boring stuff that they 
shouldn't be taking care of anyway," says 
Karidis. "Let someone like us who's good 
at it and can optimize that physical layer 
down step in so there's no need to reinvent 
the wheel." 

SoftLayer also handles the licensing of 
all major operating systems and many 
third-party applications. Software is actu- 
ally the crux of the company's value 
proposition. Day points out that many 
rival infrastructure providers tout API 
availability in the single digits; SoftLayer 
offers more than 1,400 API calls. 

"This was built with the idea that some- 
body out there's going to be running . . . 
some other data center management tool, 
and they'll want to integrate to that plat- 
form," says Day. "That's how the API was 
driven — not as an afterthought but as the 
foundation. Our portal is actually a subset 
of the API, not the other way around like a 
lot of our competition does. They hold 
things back in the API to force people into 
a working environment. We'd rather tie 
you into the service at a foundation level 
and let the interface be your own." 

If automation is SoftLayer' s first goal, 
then giving customers total control is its 
second. For example, if an IT department 



has evolved its own particular set of secu- 
rity rules and firewall settings, those can 
be applied to SoftLayer' s infrastructure, or 
SoftLayer has plenty of security templates 
that can be customized. Every server 
comes equipped with KVM over IP capa- 
bility so IT managers can manipulate the 
systems as if they were in a rack only a 
few feet away. The idea is to provide a 
virtual enterprise environment on a much 
lower cost basis than by having the 
resources on-premise. 

To Host Or Not 

SoftLayer does not offer managed ser- 
vices in the conventional sense, only man- 
aged computing resources, so although it 
doesn't offer disaster recovery services per 
se, some organizations do offload DR tasks 
to SoftLayer' s infrastructure, especially 
those with existing colocation capacity. 
This allows an organization to maintain sit- 
uations such as active-active configuration 
with appropriate load balancing but with- 
out the troubles of maintaining those 
resources locally. SoftLayer can also use 
its iSCSI SAN resources to let clients per- 
form system snapshots and replication. 

As good as it all sounds, though, 
SoftLayer is not a solution for every occa- 
sion. Often, enterprises won't let produc- 
tion applications travel off site. Consider a 
bank: Financial institutions might out- 
source the Web front end to a group such 
as SoftLayer, but all client data would 
need to stay in-house. Organizations tied 
to government often have similar restric- 
tions, and industry regulations may also 
mandate outsourcing limits. 

However, even if an application can't 
have its production apps hosted, those 



apps can still be developed and tested on 
outside resources. 

"It's really going to come down to the 
nature of the application you're hosting 
and what sort of requirements you have 
related to that," says Karidis. "The re- 
quirements could be internal rather than 
anything others are mandating. But I 
would say that if you've got a Web-facing 
app, you need to have high availability 
and the ability to scale. That's a great situ- 
ation for us to host." 

Better Today & Tomorrow 

Of course, there are other hosting 
options, both internal and outsourced. 



However, SoftLayer feels that its scale and 
extreme emphasis on automation help the 
company to realize a significant competi- 
tive advantage, much of which gets passed 
on to clients. Karidis states that with either 
SoftLayer' s cloud environment or its dedi- 
cated servers, customers can expect to 
save anywhere from 30 to 40% against 
direct competitors. Compared to typical 
colocation — having to buy the infrastruc- 
ture, maintain it, have spares available, 
staffing costs, high-performance network- 
ing, and so forth — savings can approach 
and even exceed 50%. 

To generate such savings, sometimes 
companies have to cut a lot of corners, 
including environmentalism. Fortunately, 
SoftLayer has made going green as much 
of a priority as "saving green" for clients. 
The company acknowledges that there's 
only so much that can be done to cut 
electricity consumption — these are data 
centers, after all. But SoftLayer worked 



SoftLayer 



extensively with its server manufacturer 
to strip every extraneous component pos- 
sible from its motherboards and cases, 
match lower-power CPUs and memory 
modules, and optimize each power sup- 
ply to arrive at a standard hardware 
design that would consume as little 
power as possible. 

Sustainability is just one way that 
SoftLayer is looking forward. Nathan 
Day believes the enterprise world is 
heading toward a hybrid environment, 
balanced between virtualization-based 



-SoftLayer's Nathan Day ^ 

cloud computing and dedicated servers — 
"just a raw OS on bare metal." Different 
workloads will be better suited to one 
environment or the other. For example, 
high-speed, I/O-oriented data belongs on 
dedicated hardware, where there's no 
hypervisor to slow transactions down. 
Web tasks are probably better suited to 
virtualized environments that can be 
dynamically adjusted based on load. 

"Our goal," says Day, "was to assemble 
a solution that lets customers pick and 
choose the model that makes the most 
sense for them, not just today but with the 
right architecture to scale and affordably 
meet their needs going forward." Q 



SOFTLAYER™ 



"Our goal was to assemble a solution that 
lets customers pick and choose the model 
that makes the most sense for them." 



(866) 398-7638 
www.softlayer.com 

• SoftLayer is known for its on-demand 
cloud computing and hosting services 
designed to help companies of all sizes 
increase productivity cost-effectively. 

• Its CloudLayer line of services helps 
SMEs do more with less capital 
investment. 

• "We're constantly trying to make [data 
center operations] as automated as 
possible. That leads to very streamlined 
and efficient delivery of IT services 

to data center environments," says 
George Karidis, SoftLayer's chief 
strategy officer. 
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I Windows Mobile Phone Sales Drop 
In Third Quarter 

According to Gartner, sales of smartphones 
running on the Windows IVIobile platform saw 
a 20% drop during the third quarter. Overall 
smartphone sales rose by 13%. The newest 
Windows Mobile operating system, Windows 
Mobile 6.5, was released in October, which 
was not soon enough to affect the third-quar- 
ter sales. The release of Windows Mobile 6.5 
prompted many analysts to predict a decline 
in sales for Window Mobile in the third quar- 
ter, but many were still surprised just how 
dramatic the decline was. Windows Mobile 7 
is due out next year. 

I Top 500 Supercomputers Named 

The TOP500 Project released its latest bian- 
nual list of the top 500 supercomputers in 
the world, with Jaguar, an AMD-based Cray 
XT5 system located at the Oak Ridge 
National Laboratory, taking the top spot. The 
previous leader, an IBM supercomputer 
called Roadrunner, moved to second place, 
with another Cray XT5 rig called Kraken 
rounding out the top three. The TOP500 
Project notes that this edition's entry level 
moved up considerably from 17.1 teraflops 
per second to 20 teraflops per second as 
processing technologies continue to improve 
in speed. Also of note is that 402 out of the 
500 systems employ Intel processing archi- 
tectures, although the top three systems are 
all AMD-based. 




I Time Warner Announces Date For 
AOL Spin-off 

Time Warner and AOL announced that they 
will officially separate on Dec. 9, with regular 
trading of AOL stock to begin Dec. 10. As 
part of the spin-off, on Nov. 27, Time Warner 
shareholders of record will receive one share 
of AOL stock for every 1 1 shares of Time 
Warner they own. The separation brings to 
an end a merger that began in 2001 , and that 
is widely seen as an error on the part of Time 
Warner. By spinning off the struggling 
Internet company. Time Warner hopes to 
regain lost profitability; AOL plans to focus on 
online media content and display advertising 
under the leadership of CEO Tim Armstrong. 

I Microsoft Claims 64-bit Windows 
Safer Than Ever 

According to a recent blog post from Micro- 
soft's Malware Protection center, 64-bit 
versions of Windows operating systems are 
less prone to attacks than their 32-bit coun- 
terparts. The claim is based largely on infor- 
mation gathered by the Malicious Software 
Removal Tool installed with Windows; 
according to the tool, 32-bit WinXP is 52% 
more likely to be infected by malicious code 
than 64-bit WinXP, and 32-bit Vista machines 
are 65% more vulnerable to attacks. Some 
analysts disagree with Microsoft's assertion, 
claiming that it's because of 64-bit systems' 
smaller user base that the systems are less 
vulnerable, as hackers are more interested 
in attacking widely used 32-bit systems be- 
cause they offer more potential targets. 



CLIENTS 



CASE STUDY 



Automated 
Data Extraction 
& Reporting 

Medical Discount Provider Speeds Data Delivery 
With Network Automation's AutoMate 



by Sue Hildreth 

For Prime Liberty, a Toronto-based 
outsourcer of medical savings programs, 
data delivery is a core part of its business. 
So when the company found that its manu- 
al process for formatting and preparing 
data reports for customers was taking up 
more and more time each day, it began 
looking for a software product that could 
automate the task. 

Prime Liberty contracts with wholesalers 
that represent doctors, dentists, chiroprac- 
tors, and other medical providers who are 
willing to offer discounts to subscribers — 
typically uninsured consumers who 
don't qualify for government 
healthcare programs and who pay a g 
monthly fee to receive these dis- 
counts. The wholesale benefits m 
providers who sell through Prime % 
Liberty receive daily reports on its 
membership and the services pur- 
chased. Preparing those daily reports is not 
a particularly complex task, but until a year 
ago, it was a task that required staff to 
spend two hours every morning hand- 
formatting the data. That's because Prime 
Liberty's clients needed their reports in dif- 
ferent formats, depending on the database 
they used and other factors, while all of the 
information on the members is stored in a 
Salesforce CRM database. 

"We deal with six to eight vendors, and 
each one has a different set of reporting 
requirements," says Randy Sicat, Prime 
Liberty's COO. "One might require 256- 
bit encrypted zip files; others won't but 
may have different naming conventions. 
They all have their reporting databases, 
some of them custom ones, and we have to 
adhere to their formatting requirements." 

Another issue for Prime Liberty was the 
company's plan to expand its business into 
other types of discount services programs, 
such as for gas stations, grocery stores, 
restaurants, and retail shops. Any expan- 
sion of the business would mean an expan- 
sion of the time required to hand-format 
client reports. That could increase the 
workload from two hours per day to eight 
or more, potentially requiring Prime 
Liberty to devote one or more employees 
to doing nothing but data formatting. 

Sicat decided that the situation called 
for an investment in automation and began 



looking at applications that could both 
translate data into various database for- 
mats and do the extraction and formatting 
on a preset schedule, with no attention 
from a human worker. The hope was not 
only to speed the delivery of the daily 
reports but also to free up IT staff for more 
important projects. 

Shopping For Process Automation 

One of the requirements of any data 
translation and transformation tool is an 
ability to extract and convert data from 
Salesforce. It also had to be able to trans- 
late the Salesforce data into whatever 
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requirements the customers needed, mean- 
ing it had to have support for a wide range 
of databases and custom database formats. 
Salesforce itself does not provide any data 
translation tools, although some of its part- 
ner developers sell translation tools. 

Prime Liberty, however, had a fairly 
long list of requirements that it needed, 
so the company first considered having 
an outside developer create a custom 
conversion program. However, the price 
that the contractor quoted for the work — 
about $10,000 to $15,000— was consid- 
erably more than Prime Liberty was will- 
ing to pay. Other options the company 
considered either didn't combine the 
scripting and scheduling functions that it 
wanted or were simply too complex for 
Sicat. "It didn't make sense for me to 
invest in a tool to write complex code," 
says Sicat. 

So when a colleague suggested to Sicat 
that he look into Network Automation's 
AutoMate, a business process automation 
tool that cost less than $1,500, Sicat was 
interested. AutoMate employs scripts 
to automate tasks such as batch file pro- 
cessing macros and other executables. 
The solution is aimed at midsized compa- 
nies that have complex scripts and custom 
coding or multiple human-to-computer 
processes that could be integrated and 
automated into one computer macro. 



Network Automation AutoMate 



Automates manual tasks; streamlines business processes; replaces legacy batch files, scripts, 
and custom application development; and enables employees to automate tasks without having 
to write any code. 

"It's helped us out a lot to have a completely automated sequence as opposed to having some- 
one sit and do a very tedious job," says Randy Sicat, COO of Prime Liberty. 

(888) 786-4796 | www.networkautomation.com 



Sicat and others in IT liked the nontechni- 
cal look and feel of the product as well as its 
drag-and-drop, plain-English interface, 
which lets employees format files using 
commands such as Move File, Find and 
Replace, or other common actions including 
terminal emulation, encryption, running 
embedded scripts, or automatically transfer- 
ring files to outside recipients via FTP. The 
software comes with 230 prebuilt actions 
that can be assembled sequentially in a task- 
building window to create a small program 
without the need to write code. To create an 
automated formatting process, an employee 
assembles several commands into a task 
building window. After the sequence of 
commands has been compiled, an error 
detection function in AutoMate highlights 
any bugs or incompatible commands. 

It took Sicat about a day to learn the 
basics of using the program and to com- 
pile an automated process for one partner. 
He was able to compile routines for the 
other seven partners the next day. 

Plans To Further AutoMate 

Prime Liberty's daily membership reports 
can now run on their own, without help from 
an IT employee. The AutoMate process 
takes the daily updates from Salesforce and 
handles all needed formatting changes. The 
Task Administrator lets employees schedule 
the processes that need to run and centrally 
monitor them for problems. 



TWORK 
TOMATION 



"It's helped us out a lot to have a com- 
pletely automated sequence as opposed to 
having someone sit and do a very tedious 
job," says Sicat. "We expect it's going to 
do a lot more for us, as there are a lot of 
processes here that could be automated." 

Automating the membership updates is 
saving Prime Liberty close to 10 hours 
each week in IT manpower, and the com- 
pany is also looking at other processes that 
could benefit from automation. One that is 
high on the list is billing. The company 
plans to use AutoMate to reformat and, if 
necessary, combine daily credit card trans- 
action files before submitting them to its 
merchant processors. Another plan is to 
automate the delivery of commission pay- 
ments to Prime Liberty agents. 

"We have agencies that sell our prod- 
ucts and we pay commissions to them on a 
weekly basis. That's one of a whole lot of 
processes that could be automated," says 
Sicat, adding that he still has a lot of learn- 
ing to do about how the software works. 

By automating more of these kinds of 
processes, Sicat estimates the company 
can save significantly on labor and speed 
service delivery for its customers. It will 
also allow Prime Liberty to add customers 
and partners without adding greatly to its 
administrative overhead. 

Sicat says the company expects to add 
five to 10 new wholesale vendors to its 
existing eight in the near future and also 
plans to expand into other types of con- 
sumer discount programs. All of these new 
customers will have their own reporting 
and administrative requirements. 

"It's growing on a daily basis as we're 
moving into more customer relationship 
management. We've got a few big ones in 
the pipeline right now," says Sicat, adding 
that he's "barely scratched the surface" of 
the types of tasks that he plans to automate 
down the road. 
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CLI ENTS 



Coping With 
Smartphone Anarchy 

Tips For Managing IVIultiple IVIobile Devices In Use At An Enterprise 



by Drew Robb 
• • • 

Mobile devices have forced their way 
into many organizations in a largely hap- 
hazard basis. Faced with mobile anarchy, 
many SMEs have initiated attempts to stan- 
dardize the equipment. But it's been an 
uphill battle, as most have been left with 
the puzzle of solving how you manage het- 
erogeneous platforms whether they want to 
or not. 



Key Points 



Adopt solutions that enable IT to inventory, 
nnanage, nnonitor, and audit nnultiple snnart- 
phone platfornns. 

Without adequate security, nnobile devices 
beconne the weak underbelly of corporate 
security. 

Snnartphones have to be labeled as per- 
sonal, corporate, or both, and policies 
should be set accordingly. 



"This is clearly a real problem for a lot 
of organizations, given the proliferation 
of device types in use," says Michael 
Osterman, president of Osterman Research, 
a company that expects employer- supplied 
mobile devices to double from 23% of the 
workforce in 2008 to 46% of the workforce 
in 2011. Thus, it's clear that managing the 
mobile user experience is only going to 
become more important and complex as 
time marches on. 

Effective management and support of 
mobile devices begins with a very basic 
step: achieving an understanding of 
what's actually connecting to a network. 



through over-the-air ActiveSync with 
AT&T support only," says Osterman. 

Personal Or Corporate 

The popularity of smartphones such as 
the iPhone and BlackBerry Storm has 
caused quite the confusion in IT depart- 
ments. As well as straining resources, the 
combination of both personal and corporate 
functions make it hard to draw a firm line 
in the sand between individual and compa- 
ny usage. Yet that issue has to be resolved 
in order to manage the devices. 

"Companies must develop clear enter- 
prise mobility policies and categor- 
ize smartphones as either corporate or 
personal phones in order to effectively 
manage technical issues [and] security 
issues and determine what data should 
be accessed," says Jose Ferreira, security 
architect at Forsythe Technology (www 
.forsythe.com). 

If they are categorized as personal, it 
eliminates a whole lot of support expenses, 
but employees still have to be taught how 
to secure their phones. 

If they are labeled corporate, on the 
other hand, it will create more work. But 
there are clear advantages and disadvan- 
tages. On the plus side, it will allow for 
the implementation of stricter policies 
and greater security. However, there 
will be many complaints from employees 
who want to use their devices for per- 
sonal purposes. 

This strategy will, however, boost 
support requirements considerably. With 
every mobile platform added, the help 
desk has more to deal with. If it isn't 
up to this task, a domino-like effect 
can occur. 



"IT must ensure they can quickly 
identify rogue applications and prevent 
them from accessing information on 
the corporate network." 



- Zenp rise's Ahmed Datoo 

Once you have that inventory done, you 
know what's needed in terms of plat- 
form support. Realize, though, that it 
takes lots of time to manage different 
devices and their related management sys- 
tems. Help desk costs go up and so does 
the potential for downtime in the mo- 
bile infrastructure. 

Therefore, it is rarely viable for an 
SME to support more than one device 
type simultaneously. So if there are multi- 
ple platforms already in operation, one 
possible solution is to work out what 
platform can be managed comfortably 
in-house and use a hosted service for all 
the others. 

"IT may decide to manage BlackBerry 
in-house using BlackBerry Enterprise 
Server and let iPhone users connect 



"The longer it takes to solve issues, the 
unhappier mobile users become and the 
more IT managers' reputation suffers," 
says Mitch Berk, director of product man- 
agement at BoxTone (www.boxtone.com). 

He made it clear that SMEs tend to 
underestimate the burden on management. 
Each smartphone platform requires an 
entirely different set of support processes 
and knowledge. However, management 
tools now exist that simplify the manage- 
ment of mobile technologies. 

"Enterprises are adopting solutions with 
the ability to automatically monitor, man- 
age, and troubleshoot multiple smartphone 
devices, including BlackBerry, iPhone, 
Windows Mobile, and Palm platforms," 
says Ahmed Datoo, vice president of mar- 
keting at Zenprise (www.zenprise.com). 



Supported Devices 

Osterman Research data indicates that 
88% of organizations in North America 
currently support BlackBerry devices, 63% 
support Windows Mobile, 37% support 
Palm, 28% support iPhones, and 12% 
support Symbian. 

Similarly, users are "demanding" or 
"clamoring for" BlackBerry (78%), 
Windows Mobile (47%), Apple iPhone 
(34%), Palm OS (25%), and Symbian 
(15%) devices. 



Mobile Security 

With mobile devices using core enter- 
prise apphcations and having access to sen- 
sitive data, security becomes imperative. 
As mentioned earher, an inventory is essen- 
tial for good management. You have to 
know every device that is connecting to the 



network in order to detect such things as an 
unauthorized mobile phone accessing criti- 
cal corporate data. 

IT managers, therefore, should certify 
smartphones before they are permitted onto 
the network. This inspection should check 
for viruses and ensure it is a secure device. 
As part of this step, it is a good idea to also 
analyze each mobile user's device. Simple 
tools are available to verify and monitor 
smartphone health. 

"IT managers should be able to, at any 
time, generate a complete inventory of all 
enterprise-connected devices to ensure they 
are certified and compliant with IT policy," 
says Berk. 

A major concern, of course, is the prolif- 
eration of rogue applications. Some of 
these may be perfectly harmless, though 
enough of them pose a minor or major 
threat to the enterprise. Again, mobile secu- 
rity management tools have to be deployed 
to detect and eliminate these applications as 
they are caught. 

"IT must ensure they can quickly identify 
rogue applications and prevent them from 
accessing information on the corporate net- 
work," says Datoo. 

Like intrusions on other equipment, 
there are simple preventive steps SMEs 
can take to guard against security breaches. 
Today's management tools typically 
enable IT to audit devices for third-party 
applications. In many cases, users will be 
surprised by what was actually lurking on 
their iPhone or BlackBerry, as even with 
strict corporate policies, users could down- 
load applications without knowing they 
might be a security risk to the corporate 
network, says Datoo. 
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Boosting Energy Efforts 

Strategies For Taking Energy Efficiency To The Next Level 



by Christian Perry 

Making a move toward energy efficien- 
cy is on the minds of many IT profession- 
als. In fact, CDW's 2009 Energy Efficient 
IT Report indicates that 52% of organiza- 
tions actively working to reduce energy 
consumption have cut IT energy costs. 
Although this initial effort is underway 



Key Points 



• Establishing a baseline can help data cen- 
ters deternnine how nnuch energy currently 
is in use and help in identifying areas where 
further energy cutting can be applied. 

• Shutting down unused servers, consolidat- 
ing servers, and using data reduction can 
all help to advance energy efficiency in the 
data center. 

• Consistent energy nneasuring and nnanage- 
nnent is critical for identifying problenn areas 
and forecasting future energy usage. 



and yielding results, there remains plenty 
of opportunity to reduce energy consump- 
tion even further. 

Part of the challenge is buy-in from the 
responsible parties in the organization. 



DATA CENTER MANAGEMENT 



consider the challenges of sustainability. 
In fact, potential future legislation around 
a carbon cap-and-trade system would 
mean that data center managers need mea- 
surement and reporting strategies in place 
to support their carbon footprint initiatives 
as well as controls that support their mea- 
surement requirements — perhaps as soon 
as 2010 or 2011, he says. 

Another more involved method revolves 
around power itself. Coutinho recom- 
mends investigating any cost- saving pro- 
grams offered by power companies, as the 
CDW report found that 63% of IT profes- 
sionals with access to utility rebates or 
incentives say that these incentives are 
applicable to the specific IT investments 
their organizations are planning. Further, 
92% of those professionals say that utility 
rebates or incentives are a significant fac- 
tor in their organizations' IT purchase 
decisions. 

Get Virtual 

Many experts agree that virtualization 
continues to be an effective answer to ris- 
ing energy costs. The CDW report found 
that 46% of IT professionals have imple- 
mented or are implementing server virtual- 
ization. "By having a virtualized pool of 
computing resources rather than one piece 
of hardware doing a single job, you can 
accomplish more computing with fewer 
physical machines. This results in less 
demand for power and cooling and there- 
fore, less energy consumption and costs," 
Alger says. 

However, CDW's Coutinho warns that 
data centers that jump into virtualization 
projects rarely decommission older servers 
and in turn actually increase their power 
and cooling footprint. As such, he recom- 
mends formulating a plan, getting the buy- 
in from upper management, assigning a 
project manager, and setting consolidation 
deadlines. "It is important to commit to a 
project and hold the project manager 
accountable if it is not done with the desir- 
able results," he says. E9 

Energy-Saving Tactics 

Plenty of opportunities exist for a data center 
to take its energy-saving efforts to the next 
level. Rob Ober, a fellow at LSI (www.lsi.com), 
offers the following tips. 

• Purchase only energy-efficient equipment. 
This includes Energy Star-rated servers 
and power supplies rated at more than 
90% efficiency. 

• Develop and implement a tiered storage 
strategy. Make sure the most critical data is 
placed on high-performance, high-power 
storage systems and that less-important 
data is stored on lower-power systems. 

• Establish policies that include data retention 
and elimination. 

• Investigate operating at a higher ambient 
temperature. This isn't always possible and 
requires careful isolation and management 
of cold and hot aisles. 

• Keep in mind that advanced, high-perfor- 
mance storage can raise server utilization 
considerably, in turn leading to more CPU 
usage per watt. 



The CDW report notes that 57% of organi- 
zations that ask IT to reduce energy costs 
have cut IT energy costs by 1% or more. 
Similarly, 60% of organizations that 
assign an IT advocate for energy efficien- 
cy have defined programs to manage and 
reduce energy use. 

Those that do buy in to an organization- 
wide energy program discover plenty of 
areas to cut energy costs, including the 
type of equipment selected for use in the 
data center, how that equipment is used, 
infrastructure tweaks, virtualization, and 
other opportunities. 

Take A Look Around 

According to Rob Ober, a fellow at LSI 
(www.lsi.com), it's important to establish 
a baseline and understand where energy is 
consumed in the data center. This baseline 
should encompass equipment such as 
servers, networks, and storage as well as 
cooling and conversion. For example, he 
says that server centers often utilize their 
servers at an aggregate of 15%, which 
results in plenty of wasted power. 

"The first step to optimize energy costs 
is to fully utilize what is already there," 
Ober says. "Perhaps more important is to 
rationalize activity onto the newest, most- 
efficient machines and take the step to 



Instantly Search 
Terabytes of Text 



IdtSearch 




instantly Seareh 
Terabytes olTextJ- 




includes 

64-bit 



♦ 25+ full-text and fielded data 
search options (with Unicode 
support for hundreds of 
international languages) 

♦ Built-in file parsers/converters 
highlight hits in popular file 
types 

♦ Spider supports static and 
dynamic web data; highlights 
hits with links , formatting and 
images intact 

♦ API supports -NEX C++, Java, 
SQUetc. .NET Spider API 



The Smart Choice tor 
Text Retrieval® since 1991 



'Bottom line: dtSearch manages a terabyte of text in a single 
index and returns results in less than a second" — InfoWorld 



dtSearch "covers all data sources 
engines" — eWEEK 



powerful Web-based 



'Lightning fast ... performance was unmatched by any other 
product" — Redmond Magazine 

See www.dtsearch.com for hundreds more reviews, and 
hundreds of developer case studies 



Fully-Functional Evaluations^ 



1-800-IT-FINDS (1 800 483 4637) • 301-263-0731 
www.dtsearch.com 



obsolete the least-efficient equipment, no 
matter how old. Once a baseline is estab- 
lished, identify the low-hanging fruit for 
the quickest, least-costly items to reduce 
energy costs." 

Using older, less-efficient equipment 
can't always be avoided, but when making 
new purchases, it's wise to opt for equip- 
ment that can cut energy costs but still 
provide optimum performance. Douglas 
Alger, IT architect for physical infrastruc- 
ture at Cisco (www.cisco.com) and author 
of "Grow a Greener Data Center," notes 
that focusing on energy efficiency when 
making IT hardware purchases is one of 
the easiest and most effective approaches, 
because the less electricity drawn by the 
server, storage frame, or networking 
device, the less that has to be conditioned, 
cooled, distributed, converted, and deliv- 
ered throughout the data center. 

The low-hanging fruit referred to by 
Ober includes a variety of actions, includ- 
ing arranging equipment in hot aisle/cold 
aisle configurations; powering down 
equipment that does not need to be used 
24/7; consolidating multiple application 
servers onto shared, single servers; and 
taking a data reduction (such as deduplica- 
tion) approach that's appropriate for the 
data center's backup and archival needs. 

Alger adds that sealing gaps in the data 
center will help to improve air distribution 
and give the cooling system a break 
(which in turn saves on energy costs). He 
recommends filling unoccupied cabinet 
space with blanking panels and covering 
floor tile notches where patch cords or 
power cords are passed through. He also 
advises that data centers observe good 
cable routing practicing to reduce clutter, 
decommission hardware that is nonessen- 
tial or poorly utilized, and install timers 
and motion sensors on lights. 

The Next Level 

Moving to the next level of energy effi- 
ciency can take some effort, but the payoff 
can be significant for years to come. 
Herman Chan, director of Raritan's Power 
Management business unit (www.raritan 
.com), recommends using a measurement 
and management system to help understand 
power consumption and environmental data 
at multiple points in a data center facility. 

"This can be achieved through intelligent 
rack PDUs with built-in outlet-level power 
monitoring and local rack tempera- 
ture/humidity monitoring or deployment of 
instrumentation technologies at the UPS, 
subpanels, and other upstream feeders," 
Chan says. "Having this instrumentation 
allows you to understand PUE [Power 
Usage Effectiveness] in the data center and 
see the impact of changes to the facility." 

Nathan Coutinho, a solutions manager 
with CDW, agrees, noting that the big pic- 
ture is crucial. "Businesses should put an 
energy management system in place to 
monitor power consumption and airflow. 
The [CDW] report found that organizations 
that do this are more likely to have effec- 
tive strategies to manage energy consump- 
tion. Over the years, it is important to ana- 
lyze the data and watch for trends," he says. 

According to Chan, this need for energy 
measuring and managing could even 
become a requirement in the future as data 
center owners are increasingly pushed to 
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News 



User Desktop 
Settings 



Playground Or Lockdown? 



by Curt Hurler 

Just how personal can an SME allow a 
worker's computer to be? Experts agree 
that there is a broad continuum of allow- 
able customization, and all say that defin- 
ing that continuum is a job too many 
SMEs neglect. However, it's one that they 
should focus on. 

"If there is no standardized Desktop, 
then the productivity of both the users and 
IT will go down," Nick Cavalancia, vice 
president of Windows Management for 
ScriptLogic (www.scriptlogic.com), says. 



Key Points 



Get on top of the situation early and stay 
on top of it. 

If possible, strive for a business-centric 
policy, if not a business-only policy. 
All users should be configured without 
adnnin rights. 



He notes that what is good for IT will 
probably be annoying to the user and vice- 
versa. "It's like a scale — there needs to be 
a balance between what makes things dif- 
ficult for IT and the user." 

Cavalancia says that where possible, 
SMEs should strive for a business-centric 
policy, not a business-only policy. He 
notes that many SMEs will migrate to 
Windows 7 soon, and that change presents 
a perfect opportunity to implement a 
Desktop policy. "Most organizations don't 
do anything," he says, "but there is no 
excuse not to do something today." 

Implementation 

Start by defining who needs access to 
what. A third-party program will be the 
most granular in this area, which, for exam- 
ple, allows only people in payroll to access 
payroll data. But what about access to a CD 
drive? It might be okay for some workers to 
bum their own CDs. Others might only be 
allowed to read them, while another group 
might not have access to CDs at all. 

"It's better to set the ceiling low and, if 
people bump their heads and can't do their 
job, then make exceptions," Cavalancia 
says. He would recommend building a 
plain- vanilla OS and adding various flavors 
to it. "Use a Desktop management platform 
to define today's standard for configuration 
of the machine," he says. Then add applica- 
tions. That way, IT has a uniform, basic OS 
and can add today's applications to it. 

Other things to consider are whether 
employees should be allowed to self-main- 
tain certain system settings, such as defrag- 
ging the hard drive. Additionally, many 
employees need to be able to self-install 
approved software and ActiveX controls. 

An SME should then create a pilot 
group, so IT can understand what users 
need and ensure that user productivity will 
not be affected. 

"The big thing is to plan it," says Dave 
Ortin, supervisor of network operations at 
Walworth County (Wisconsin) Govern- 
ment. He spent much time integrating the 



Active Directory and the policies they 
would enforce at the Desktop level. That 
was followed by a small departmental test. 
"The result was we had no issues at all 
with deployment," Ortin says. 

Administrator Rights 

SMEs can increase security and de- 
crease IT costs by enforcing Desktop 
settings. "One of the most widespread 
corporate security concerns is having 
users configured to run with local admin- 
istrator rights on their Desktops," says 
Scott McCarley, director of marketing at 
BeyondTrust (www.beyondtrust.com). 

For example, administrator rights can be 
used to alter a standard Desktop image, 
change security settings, or install unau- 
thorized software. He notes that most mal- 
ware and spyware requires administrator 
rights in order to install. 

McCarley says 92% of all critical vul- 
nerabilities disclosed by Microsoft in 2008 
can be mitigated by eliminating adminis- 
trator rights, and by removing administra- 
tor rights, SMEs can improve security and 
decrease costs. 

A recent Gartner report titled "Organi- 
zations That Unlock PCs Unnecessarily 
Will Face High Costs" found that organi- 
zations that remove administrator rights 
from users on a well-managed Desktop 
can reduce the total cost of ownership per 
Desktop by more than $1,200. 

McCarley is adamant that users should 
not have the final say when it comes to the 
security decisions for their Desktop. "A 
user should not be able to install unautho- 
rized software, configure certain settings, 
such as the firewall, nor should they deter- 
mine which processes can run with elevat- 
ed privileges," he says. "These decisions 
should be made by the IT department." 

"All users should be configured without 
administrator rights," McCarley continues. 
When a user logs in to a Windows com- 
puter, they can either log in with adminis- 
trator rights or standard user rights. With 
administrator rights, a user has complete 
control over the computer. A standard user 
is granted no special privileges and does 
not have administrative control over the 
computer. With administrator rights, a 
user can install any software or change 
any security setting they wish. 

But for most businesses, he says allow- 
ing users to put their puppy's photo on the 
screen saver or to install their own short- 
cuts is reasonable. 



"The most reasonable place to start is to 
at least define the business needs," 
Cavalancia says. Have a way to push out 
Registry tweaks, mappings, and a standard 
Outlook profile. 

Lock It Down 

Lockdown saves a lot of help desk time. 
Even if it takes only five minutes to discover 
that a Desktop icon was deleted and Word 
did not really disappear off the computer, 
allowing the user too much freedom can cre- 
ate situations that become a time-sink for IT. 

According to Cavalancia, some enter- 
prises will require a strict lockdown of the 
Desktop. A school district is a good exam- 
ple. The purpose of the school's comput- 
ers is to get school work done. There is no 
reason for any student to customize back- 
grounds or add applications. "Lock it 
down and allow only the applications you 
need," he advises. 

"We needed to lock down PCs so we 
were assured we wouldn't be running rogue 
applications or viruses, and we wanted to 
establish a baseline look for every PC in the 
County," says Ortin, as two techs maintain 
more than 600 Desktops county- wide. 

"We don't allow any end user or power 
user to have administrator rights at the 
PC level," Ortin continues. "We dictate 
where Word will point. PCs have a stan- 
dard background. Registry keys, and 
proxy settings. We've defined the home 
page and a standard look and feel for 
every PC in County government." 

Final Considerations 

Just how much freedom an SME gives 
its workers in setting their own Desktop 
appearance will depend on the company 
and its industry segment. In some cases, 
allowing a degree of freedom can be a 
boost to employee morale. In others, it 
will put the company in jeopardy of mal- 
ware or spyware attack. 

Ortin and other experts say it is not diffi- 
cult — or even expensive — to control the sit- 
uation. They note there are two basic 
approaches to Desktop lockdown: a white 
list or a black list. The first establishes per- 
mitted applications. The second forbids 
applications, restricting or denying use of 
anything not approved by IT. Both methods 
work, but much will depend on the indus- 
try. In a hospitality setting, for example, 
where many people use the same computer 
24/7, there is no need for any individual to 
customize the look or settings of any 
machine. Here, only IT-approved icons and 
programs should appear on the screen. 

But in an office where a computer is 
assigned to each user, allowing a personal- 
ized look or even applications is prob- 
ably reasonable. 

All agree that it is key to set user expec- 
tations early in the game so everyone is on 
the same page and workers do not become 
concerned that the business has lost trust in 
them as workers or is depriving them of 
exercising a "right" to customize their own 
Desktop appearance that really should be 
the province of company management. □ 



Why Should You Remove 
Administrator Rights? 

In a report conducted by BeyondTrust in early 2009, 
the company explored critical vulnerabilities report- 
ed by Microsoft over the course of the previous 
year. It was determined that the vast majority of 
Microsoft critical vulnerabilities could be mitigated by 
removing administrator rights. 

Source: Beyond Trust 




Intel & Numonyx 
Detail Phase Change 
Memory Advancement 

Intel and Numonyx, a company Intel formed 
with STMicroelectronics in 2008, recently 
detailed a breakthrough in their combined 
research into nonvolatile PCM (phase change 
memory) by demonstrating a 64Mb chip that 
allows for stacking multiple layers of PCM 
arrays on one die. The advance could lead to 
larger storage capacities in a smaller space 
with far less power consumption vs. NAND- 
based memory. 




The companies are scheduled to present a 
paper at the International Electron Devices 
Meeting Dec. 9 concerning the progress, 
which, according to a release, involves a 
"vertically integrated memory cell" called 
PCMS (PCM and switch) made up of "one 
PCM element layered with a newly used 
Ovonic Threshold Switch [OTS] in a true 
cross-point array." 

The companies state that the "ability to layer 
or stack arrays of PCMS provides the scala- 
bility to higher memory densities while main- 
taining the performance characteristics of 
PCM, a challenge that is becoming increas- 
ingly more difficult to maintain with traditional 
memory technologies." 

Resistant To Errors 

Rob Enderle, Enderle Group principal ana- 
lyst, says PCM-based memory is "very resis- 
tant to the kind of errors that plague flash and 
conventional memory and much faster than 
flash. Speed and reliability are huge advan- 
tages for the enterprise." Consumer-wise, 
Enderle says, price points aren't what are 
needed for mainstream adoption, but "high- 
end flash-based cameras are a natural first 
target for this memory" due to speed advan- 
tages. In data center use, Enderle says, PCM 
could mean faster speeds with less invest- 
ment required for error checking and possibly 
better security methods. 

Numonyx spokesperson Mark Miller says, 
"There's a lot of excitement around the transi- 
tion to SSDs, but very few who are taking a 
hard look at the technology behind SSDs and 
asking the tough questions." Although consid- 
erable system-level work is going into deploy- 
ing SSDs, Miller says, the question is, "Are 
we all sure the designs will apply beyond a 
generation or two?" A primary concern of 
SSDs in the enterprise is "how long the tech- 
nology will reliably perform at the levels and 
cost you need today and in the future." 

"Much has been said and written about PCM, 
but what is interesting about PCM is that 
retention is decoupled from endurance," 
Miller says. "This means that if we cycle a 
PCM memory device a million times or just 
one time, the data retention will be identical." 
Miller says this characteristic requires a fun- 
damental change in how we think about using 
and managing the technology. 

"There's a very promising alternative that 
should allow the industry to continue the tran- 
sition from HDDs to SSDs with confidence," 
Miller says. 

by Blaine Flamig 
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OPINIONS 



INFO-TECH • INSIGHT 



Laptops: Still Getting 
Stolen, Still Costing 
Organizations 



■ About two and half years ago, I wrote 
a column for Processor entitled 
"Enough With The Stolen Laptops Already!" 
It posited that the theft of laptops — and with 
them, confidential data records — was on the 
rise and that something needed to be done. 
Since that time, not only has the problem not 
gotten better, it has definitively gotten worse. 

How Much Really Goes Missing? 

The annual Computer Security Institute/ 
FBI "Computer Crime and Security Survey" 
shows that, since 2005, the percentage of 
organizations that indicate they have experi- 
enced laptop theft hovers right around 50. In 
simpler terms, half of all respondents indi- 
cate they have experienced at least one inci- 
dent of laptop theft. 

In and of itself, this isn't surprising — lap- 
tops are small and easy to steal. The more 
serious problem lies not in the loss of the 
devices, but in the loss of the data these de- 
vices house. The Open Security Foundation 
(or OSF, a not-for-profit organization with 
nothing to gain from fabricating numbers) 
tracks all reports that pertain to data breach- 
es. According to its data, 21% of all breached 
records are the result of stolen laptops. 

This data in most cases comes from volun- 
tary reporting; currently, few government or 



■ On April 22, 1500, after a journey that 
lasted a couple of months, Portuguese 
navigator Pedro Alvares Cabral discovered 
Brazil, opening a gateway to the New World. 
But it was a purely accidental finding, 
because the commander was trying to retrace 
Vasco da Gama's route to India (discovered 
in 1497), but in the end sailed so far west of 
the coast of Africa that he accidentally 
crossed the Atlantic and instead found 
Brazilian land. 

Perhaps Cabral' s accidental finding exem- 
plifies how smartphones are increasingly 
being utilized in new ways as they make 
their way from being primarily an enterprise 
segment to a mainstream consumer market 
opportunity. Smartphones characterize the 
next wave of computing, leading to a variety 
of novel and richer computing experiences to 
both consumer and business subscribers by 
enabling them to do more things "on the go" 
in a portable fashion. 

With a smartphone, users are able to con- 
nect and communicate (email, IM, social net- 
working, rich communications messaging); 
interact and collaborate (blogging. Twitter, 
Facebook, Linked In); navigate the Internet 
with the same richness of a desktop; be enter- 
tained (audio/video clips, picture sharing, 
YouTube, games); search for locations (LBS, 
local searching, mapping, directory services); 
transact (search, buy, do personal banking, 
shop); organize (calendar, presence-enabled 
address book, PIM, notes); get up-to-the- 
minute info (traffic or weather alerts, stock 




Author: James Quin is a senior research analyst 
with Info-Tech Research Group. Quin has worked in 
the IT field for more than 10 years, specializing in IT 
security services. Quin holds a B.A., an Honors B.Sc, 
and an M.Sc. from the University of Toronto. 

Send your comments to infotech@processor.com 



industry bodies mandate breach notification. 
Given that most enterprises, just like most 
individuals, don't like owning up to mistakes 
if they don't have to, the problem is likely 
much, much worse. So how bad is it really? 

Converting Percentages To Counts 

According to the OSF, 2.7 million data 
records were exposed as a result of laptop 
theft in 2006. The number jumped to 3.7 mil- 
lion in 2007 and held essentially steady at 3.6 



moves); be mobile (corporate email, mobile 
PBX extensions, sales force automation); and 
find new ways to increase their productivity 
during any downtime they might have. 

Transformational Shift 

The advent of the smartphone represents a 
transformational shift, as it converges four 
technology segments (mobile handsets, con- 
sumer electronics, Internet, and PC/comput- 
ing) that have also gone through rapid suc- 
cessive innovation waves. Smartphones also 
deliver users a brand-new quality of experi- 
ence, as they bring together communication, 
computing, and content all in a single device 
with the added convenience of being omni- 
present because of their portability. More 
importantly, a smartphone can deliver for- 
merly discrete media in a single terminal that 
can eventually become the main touch point 
through which consumers navigate the Web, 
answer emails, listen to music, watch video 
clips, or perform any number of other tasks. 

Given Moore's Law, newer designs, and 
price-volume curves, smartphones are 
becoming increasingly more sophisticated, 
with faster processors; multiple radios (sup- 
porting 3G, 4G, Wi-Fi); high-resolution dis- 
play; QWERTY input (touch screen or key- 
board); higher-capacity memory and SD 
cards; better barriers (sealed or removable); 
GPS; Bluetooth; high-res cameras; and sev- 
eral other features such as address book inte- 
gration, emailAVeb/phone integration, ambi- 
ent light, and accelerometer. 



miUion in 2008. By the end of July 2009, 2 
million records had been lost as a result of 
laptop theft. So over the span of just three 
and a half years, stolen laptops had account- 
ed for the loss of an astounding 12 million 
data records — and all of that on just 482 indi- 
vidual reported thefts. 

If we've established that half of all organi- 
zations lose at least one laptop a year, then a 
lot more than 500 laptops have been stolen 
since the beginning of 2006, and a lot more 
data records have been exposed. 

Converting Counts To Dollars 

So what does a lost laptop cost? A recent 
survey and report commissioned by Intel 
determined that average impact was $50,000, 
a big but hardly "the sky is falling in" num- 
ber. Digging deeper, however, reveals that 
the cost is probably markedly higher. 

The study breaks the data in quartiles and 
in doing so shows that in most cases, organi- 
zations value laptop loss at little more than 
the cost of the device, plus some associated 
downtime. The first three quartiles report an 
average loss of between $2,000 and $4,000 
while the fourth quartile calculates the value 
as $186,042 — a staggering difference and a 
number where the sky might be starting to 
fall in a bit. 

So, what's the difference between these 
groups? It can only be that the respondents in 
the fourth quartile experienced data loss they 
were willing to report and for which they 
could determine the cost. Given the other 
numbers we've seen, it's unlikely that only 
such a small portion of the respondents expe- 
rienced data loss. It's more likely that the 
first 75% of the respondents were either 
unwilling to indicate, or unable to value, their 
data losses. 




Author: Ronald Gruia is program leader and 
principal analyst at Frost & Sullivan, covering 
emerging communications solutions. 
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Market Drivers 

This year, we witnessed the continuation 
of an historic point of inflection that is sig- 
naling the change of the smartphone from a 
niche "gizmo" to a more mainstream device, 
as noted by the increased global smartphone 
penetration from about 3% of mobile phone 
users in 2007 to about 6% of the total wire- 
less handset base this year and an expected 
user base of more than 15% of total mobile 
users by 2012. Several factors are the cata- 
lysts behind this growth, including: 

• Successful launches of new smartphones 

• Better access, with the proliferation of 
faster 3G and 3G+ networks, coupled with 



Even if the lost data is determined to be 
value-less, the cost of notification — and 
breach notification laws are just around the 
comer in many cases — can be significant all 
by itself. 

What Can Be Done? 

The measures that organizations can, and 
should, adopt haven't changed in the past 30 
months, but given that the problem hasn't 
either, they bear repeating: 

Don't issue the laptop. The best way to 
ensure laptops stay safe is not using them. 
Some employees need the flexibility of 
working anywhere, but laptops are issued too 
easily. If it's a convenience, not a necessity, 
provide a desktop instead. 

Secure the laptop. If a laptop is neces- 
sary, make sure it's physically protected 
whenever possible. Supply a cable lock and 
mandate its use. And don't issue obvious 
computer bags; they're a dead giveaway 
to thieves. 

Limit the data. Because the true concern 
is the data rather than the device, restrict 
what information is allowed to walk out of 
the door in the first place. This means data 
must first be classified to control what is, and 
is not, allowed on the laptop. 

Encrypt the data. If data is allowed onto 
laptops, encrypting it is essential. That way, 
when the laptop is lost, the data isn't put at 
risk. Free encryption has been part of 
Windows since Win2000, so there's no rea- 
son for the enterprise not to use it. 

Wipe the data, track the laptop. 
Assuming the laptop is lost, steps can still be 
taken. Solutions exist that can remotely wipe 
the data and locate the laptop. They have 
limitations though and so shouldn't be relied 
on as the only defense. Isl 



the increased operator competition for 
data services 

• Higher demand of mobile email, browsing, 
and smartphone applications by the con- 
sumer/prosumer segments 

• Lower pricing for both the smartphone sets 
and the data services, which results in 
achieving the "sweet spot" of the market 

• Advances in handset technologies that cre- 
ate a more compelling end-user experience 

• Increased availability of third-party mobile 
apps on more open mobile applica- 
tion platforms 

• Growing mobilization of the enterprise 

Where open models are being promoted, 
smartphone users have easy access to select- 
ed third-party applications and the mobile 
Web, supported by increasingly more afford- 
able flat-rate data plans. Some operators are 
also forming alliances with a host of well- 
known brands such as YouTube, eBay, and 
MySpace to preinstall popular third-party 
applications on select smartphone models. 
Certain services will even be integrated with 
devices. With this strategy, operators are cre- 
ating a customer value proposition based on 
reach, scale in product development, and 
customization encouraged by simple, trans- 
parent pricing models. 

Mobile data services that are being stimu- 
lated by the fast adoption of smartphones and 
data cards have been a critical growth driver 
for wireless carriers, compensating for secu- 
lar pressure on voice revenues. For instance, 
in the third quarter, U.S. operators reported 
about 30% year-over-year growth in mobile 
data revenues compared to flat-to-down rev- 
enues attributed to voice services. Despite 
the recent growth. Frost & Sullivan data sug- 
gests that the best is yet to come for smart- 
phones, with many years of strong growth 
driven by new features and lower prices. Q 
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Strive For Efficient, 
Cost-Effective IT 

Foundation Of Green IT: Consolidation, 
Virtualization, Efficiency, And ROI In The 
Data Center 



Author: Marty Poniatowski 
Price: $44.99 



Publisher: Prentice Hall 
Format: Paperback, 352 pages 



by Kurt Marko 

Green seems to be the all-purpose adjec- 
tive for anything novel, innovative, or just 
plain good in IT — a 21st century counterpart 
to the '90's dot-com 'e' prefix (e-commerce, 
e-business, e-services). Unfortunately, like 
that overused modifier, the definition of 
green is malleable, with marketeers festoon- 
ing it on everything from disruptive tech- 
nologies that improve efficiency to PC recy- 
cling campaigns. 

Perhaps seeking to capitalize on the indus- 
try' s green preoccupation, Marty Poniatow- 
ski, author of "Foundation of Green IT," 
adopts the term to encompass several IT 
trends. As clarified in his subtitle, these are 
data center consolidation, server and storage 
virtualization, and hardware efficiency, all 
of which can yield great returns on IT 
investments. His goal is "to think about effi- 
ciency in information technology from a 
global standpoint. This means looking at all 
technologies in the data center and how they 
can be made more efficient." 



Far from an abstract, theoretical treat- 
ment of methods to lower IT's carbon foot- 
print or otherwise reduce environmental 
damage, Poniatowski has created a step-by- 
step handbook for IT practitioners seeking 
to update their dated, inefficient, legacy 
infrastructure to the standards required of a 
modern information utility, all without 
busting notoriously tight budgets. 

Drawing upon his more than 20 years of 
experience as a solution architect and techni- 
cal consultant, the author presents case stud- 
ies, architectural details, planning, design 
tools, and ROI calculations for data center 
improvement projects. Sections of the book, 
which cover everything from servers and 
storage to networking and facilities, follow a 
similar pattern: Starting with an overview of 
an inefficient environment, they go on to 
introduce specific planning and analysis soft- 
ware tools useful in understanding the cur- 
rent state and designing alternatives. Other 
chapters describe an optimized design, with 
each section concluding with an implementa- 
tion plan outline and sample ROI analysis. 



Hottest Trends 

As the subtitle suggests, "Foundation of 
Green IT" begins by examining one of IT's 
hottest trends: server consolidation through 
virtualization. As the author's purpose is to 
provide concrete, practical examples, the 
book doesn't discuss abstract virtualization 
technologies but illustrates how market- 
leading VMware can be married with blade 
servers to achieve an 11-to-l reduction in 
servers, 90% power and cooling savings, 
and almost 400% ROI. This is a handbook, 
not a narrative, so the chapters are full of 
screen shots and tabular output. 

The next section covers backup, recov- 
ery, and archiving, again focusing on 
designs and technologies, such as shared 
SAN arrays, VTLs, and deduplication, that 
enable consolidating a hodgepodge of dis- 
crete backup servers and their local tape 
drives into a centrally managed, enterprise- 
wide archiving and disaster recovery envi- 
ronment. The author is less ambitious when 
tackling the network environment but, fol- 
lowing the consolidation theme, provides 
an example of how an accumulated rack of 
small 10/100 edge switches can be col- 
lapsed into a single-switch chassis with a 
high-performance lOGbE backbone. 

The book concludes with a section of 
miscellaneous green topics ranging from 
database consolidation to PC power man- 
agement, but the most substantial chapter 
outlines data center design techniques for 
improving power efficiency, airflow, densi- 
ty, and cabling. 

Working through "Foundation of Green 
IT" is like watching over the shoulders of a 
team of experienced systems architects as 



they attack a sprawling and deteriorating 
IT environment with their toolbox of tech- 
nological tricks, analysis software, and 
accumulated wisdom to transform it into 
an efficient, scalable, and cost-effective IT 
factory. Those looking for a general survey 
and technical depth on various green tech- 
nologies should look elsewhere, but for IT 
pros seeking a detailed roadmap for updat- 
ing their stagnating, unmanageable infra- 
structure, Poniatowski has produced a 
practical and concise guide. 

Key Concepts 

• Green IT is more than just power savings; it 
is about the myriad technologies and infra- 
structure designs that can make data centers 
more efficient to both operate and manage. 

• The foundation of any green redesign entails 
infrastructure consolidation: of servers using 
virtualization, storage with large SAN arrays, 
backup and archiving through networked 
VTLs, and networks through high-density 
router and switch chassis. 

• Although infrastructure consolidation pro- 
jects involve significant up-front capital 
investments, detailed project plans, and 
non-trivial implementations, their ROI can 
be substantial — often several times the 
original expenditures. 

• Vendors offer (often bundled with their prod- 
ucts) a variety of automated auditing, inven- 
tory, and analysis software that can quickly 
highlight inefficiencies or problems in exist- 
ing infrastructure and information necessary 
to optimize a new solution architecture. 
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AlphaServer GS160 Model 16 

Base System for OpenVMS 

• DY-160CG-AA 

• One Alpha 21264 Processor 1224 MHz 

• Four Quad Building Blocks 

• One 14-Slot PCI Shelf 

• OpenVMS Operating System License 

ALSO AVAILABLE: 

• Additional 1224 MHz CPU w/SMP 

• Additional Memory 

• Additional PCI Shelves 

• Additional PCI Options 
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DOD Level Data Destruction 
Epa Recycling/Reuse 
Ongoing Support Plans 
Technology Refresh/Install Programs 



At DMD Systems Recovery, we remove the headache from asset 
disposal. We can manage the whole process from delnstallation to 
asset remarketing. We worry about data destruction, EPA 
regulations, logistics, and insurance so that you don't have too. 
Don't tie up your resources or take chances with you data or 
environmental issues. Call DMD today. 
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call (800) 247-4880. 



Physical Infrastructure 



BayTech was founded in 1976 and, since the 1990s, has 
developed unique products for remote power management. 
The company uses printed circuit board instead of wires for a 
better, more resilient connection between the data center 
equipment and the receptacle. BayTech provides an exten- 
sive Web site with brochure downloads, warranty informa- 
tion, and reseller support and also offers evaluation units for 
data centers. 

Products Sold: 

• Power control, distribution, management, and metering 

• Power transfer switches 

• Console management and remote site management 



(800)523-2702 I www.baytech.net 



Physical Infrastructure 



PDUs 



direct 



Established in 2008, PDUsDirect.com is an online whole- 
saler providing a select line of PDUs for server and net- 
worked environments. PDUs Direct's basic, metered, and 
switched Rack PDUs provide local and remote power 
management, power monitoring, and environmental moni- 
toring. We pride ourselves in offering industrial-grade qual- 
ity products at the lowest prices, with the fastest shipping 
(most orders shipped within 24 hours) and simplest pur- 
chase process. 

Products Sold: 

A complete line of 20A PDUs, including metered, basic, 
and switched. 



751-7387 I pdusdirect.com 



Physical Infrastructure 



TEMPERATURE@LERT' 

USB TEMPERATURE MONITOR WITH EMAIL ALERTS 



Boston, Mass., -based Temperature @lert manufactures 
products designed to be as simple as possible to provide 
the most reliable temperature monitoring for your IT equip- 
ment. Temperature® lert has been growing at a steady, 
measured pace, which allows it to exceed customer expecta- 
tions in terms of product quality and support, and its cus- 
tomer support staff is composed only of members of its prod- 
uct engineering team, ensuring superior support. 

Products Sold: 

USB and Wi-Fi versions of the Temperature @lert device, 
which monitors data center temperature, alerts you to 
problems, and takes corrective action as needed. 



(866)524-3540 I www.24sensor.com 



Physical Infrastructure 



AUSTIN 

Founded in 1995, Austin Hughes Electronics is a design and 
manufacturing company offering a broad range of electro- 
mechanical products based on 19-inch rackmount technolo- 
gy. Austin Hughes has ISO 14001 & 9001 -approved design, 
manufacturing, assembly, and test facilities in Hong Kong 
and China. It has sales offices throughout the Asia-Pacific 
region as well as Europe and the United States, supporting 
a worldwide distributor network. 

Products Sold: 

• Rackmount LCD keyboard/KVM drawers 

• Rackmount serial console LCD keyboard drawers 

• LCD screens 



www.austin-hughes.com 



Physical Infrastructure 



CYBERfiaSWITCHING® 



Cyber Switching began pioneering power distribution 
technologies in 1994. Our PDUs are used to power cycle 
and manage power to blade servers, routers, SANs, and 
other data center equipment. Our intelligent PDUs can 
monitor current individually by outlet and also provide virtual 
circuit breaker protection on an individual outlet basis. No 
other PDU on the market offers these unique features. 



Products Sold: 

• Intelligent power management 

• Value-added power management 

• Metered power distribution 

• Three-phase power distribution 



Energy management 
and control 
Switches 
Patch Panels 



(888)311-6277 I www.cyberswitching.com 



Physical Infrastructure 



RACKIMOUNT 

SOLUTIONS, Ltd 

' where customer service matters^ 



Rackmount Solutions' mission is to listen to the IT engi- 
neer's specific needs and deliver superb-quality, high-per- 
formance products through continuous product innovation 
and operational excellence. We pride ourselves in provid- 
ing quality customer service, products that fit your IT 
requirements, and solid value for your money. 

Products Sold: 

• Wallmount and server racks and cabinets, including 
sound proof, air conditioned, and large cable bundle 

• Desktop/tabletop portable racks 

• Shockmount shipping cases 

• Bulk cable 



(866)207-6631 I www.racldnountsolutions.net 



Physical Infrastructure 



wrig 



ht 



I ne 



Wright Line offers a line of airflow management solutions, 
server enclosures, power distribution, and cable manage- 
ment solutions for the data center and mission-critical moni- 
toring consoles for the network operations center. Profes- 
sional services include CFD modeling that constructs a virtu- 
al representation of your data center, modeling the impact of 
load distribution and the flow of hot and cold air within the 
space. Wright Line handles the complete process, including 
product design, manufacturing, distribution and installation. 

Products Sold: 

Enclosures, airflow management solutions, heat 
containment systems, and command consoles 



(800)225-7348 | www.wrightline.com 



Physical Infrastructure 



^ AVTECH 



AVTECH Software, founded in 1988, is focused on making 
the monitoring and management of systems, servers, net- 
works, and data center environments easier. AVTECH pro- 
vides powerful, easy-to-use software and hardware that 
saves organizations time and money while improving opera- 
tional efficiency and preparedness. AVTECH products use 
advanced alerting technologies to communicate critical status 
information and can perform automatic corrective actions. 

Products Sold: 

A full range of products that monitor the IT and facilities 
environment, including temperature, humidity, power, 
flood, room entry, and UPS 



(888)220-6700 I www.AVTECH.com 



Physical Infrastructure 



Powering Business Worldwide 



Eaton has many global brands that provide customer- 
driven PowerChain Management™ solutions to serve the 
power system needs of the industrial, institutional, govern- 
ment, utility, commercial, residential, IT, and mission- 
critical OEM markets worldwide. For more than 40 years, 
Eaton has worked closely with customers to meet their 
requirements for innovative, end-to-end power protection 
and management solutions. 

Products Sold: 

• UPSs 

• ePDUs, including Basic, Metered, Monitored, Advanced 
Monitored, Switched, and Automatic Transfer Switch 



(877)785-4994 I www.epdu.com 




Physical Infrastructure 



Server Technology 

Soiulions for the Daia Center Equipment Cabinet 



Server Technology is committed to the PDU market with the 
largest group of engineers dedicated to power distribution 
and other solutions within the equipment cabinet. Advance- 
ments in device power monitoring help data centers monitor 
and improve their efficiency, and continuous research and 
development is fueled by companies that look to Server 
Technology for their custom cabinet power solutions. 

Products Sold: 

A complete line of cabinet PDUs, including Per Outlet 
Power Sensing (POPS), Rack Mount Fail-Safe Transfer 
Switch, Console Port access with remote power manage- 
ment. Switched, Smart, Metered, Basic, and -48 VDC 



(800)835-1515 I www.servertech.cotn 



Storage 



Adaptec provides I/O solutions that protect, accelerate, opti- 
mize, and condition data. Adaptec products are used in IT 
environments ranging from on-demand cloud computing to 
traditional enterprise data centers. The company's products 
enable data center managers, channel partners, and OEMs 
to deploy storage solutions to meet their customers' evolving 
IT requirements. More information is available at www 
.adaptec.com, on its blog at storageadvisors.adaptec.com, 
and at adaptec.com/facebook and twitter.com/Adaptec_lnc. 

Products Sold: 

Data storage I/O products, including ASICs, HBAs, SATA/ 
SAS and SCSI RAID controllers, and software for IP SANs 



(408) 945-8600 | www.adaptec.com 
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PRODUCTS 



Established in 1983, CIVIS Products is a leading innovator 
in data backup, encryption, and security technology. CMS 
Products has received global recognition for its work in 
developing leading-edge, easy-to-use products that 
revolutionize the notebook and desktop data backup/ 
restore and storage industry. 

Products Sold: 

• Backup and restore disaster recovery software and sys- 
tems, including laptop, desktop, and secure versions 

• Laptop hard drive upgrades 

• Data security products, including encryption software, 
encrypted portable backup, and encrypted flash drives 



(800)327-5773 | www.cmsproducts.com 



Servers 



lAJinj 



IN-WIN Development Inc., an ISO 9001 manufacturer of 
professional computer chassis, power supplies, and digi- 
tal storage devices, is the leading provider of enclosure 
solutions to system integrators worldwide. Founded in 
1986, IN-WIN provides high-quality chassis that conform 
to all safety regulations, as well as unsurpassed cus- 
tomer service. 

Products Sold: 

• Computer cases 

• Server cases 

• Power supplies 

• Storage devices 



(909)348-0588 | www.in-win.us 



Information 
Technology 
Trading 



At Information Technology Trading, our goal is to help you 
acquire the right hardware or software solution. We special- 
ize in purchasing and reselling data-processing equipment 
and have more than 21 years combined experience. We pro- 
vide services and system upgrades, DASD, communication, 
and memory. We're also an outlet for off-lease portfolios. 

Products Sold: 

• AS400, Advanced System/36, R/S6000, ES/9000, and 
PC systems (including lease and rental) 

• CPUs, memory, disks, tapes, displays, and controllers 

• Services, including system design and installation, 
maintenance, and buyback of existing hardware 



(877)715-3686 I www.itechtrading.com 



G/erland 

S T O R A G 

Simply Protected 

Located in San Diego, Calif., Overland Storage delivers 
embedded data protection, disk-based backup, and flexible 
virtual tape libraries. Its high-performance solutions offer safe 
and readily available data management options for midrange 
and distributed enterprises through international OEMs, 
value-added resellers, distributors, and storage integrators. 



Products Sold: 

• SAN data protection appliances 

• NAS data protection appliances 

• Disk backup and recovery appliances 

• Tape backup and archiving libraries 

• Embedded storage operating system software 



343-7627 | www.overlandstorage.com 



Clients 




dtSearch' 

www.dtsearch.com 



Maryland-based dtSearch started research and develop- 
ment in text retrieval in 1988. The company is known for 
speedy adoption of new programming standards, OSes, 
and file types. Plus, it has a flexible licensing model. 
Typical corporate use of dtSearch includes general infor- 
mation retrieval, Internet and intranet site searching, and 
email archiving and email filtering. 

Products Sold: 

Text retrieval products, including: 

• Desktop With Spider • Web With Spider 

• Network With Spider • Engine For Win & .NET 

• Publish For CD/DVDs • Engine For Linux 



(800)483-4637 I www.dtsearch.com 



Pace 




Butlep 



• PaceButler buys used cell phones. 

• In business since 1987 

• Redeploy your used phones after upgrade 

• Donation option - directly to the non-profit of your choice 

• Dedicated to customer satisfaction 

- A+ Rating with the Better Business Bureau 

- Payment issued in four days 

• Dedicated to employee development 

- Book reading program 

- Health and fitness programs 

Products Sold: 

We buy used cell phones & PDAs, including Apple, LG, 
Blackberry, HTC, Motorola, Nextel, Nokia, PalmOne & 
Samsung. 



(800)248-5360 I www.pacebutler.com 



TOTAL DISK BACKUP 



Revinetix designs and manufactures data backup and 
recovery technology for small businesses and enterprises. 
Revinetix' technology centers on its D2D2D® 
(Disk2Disk2Disk®) backup philosophy. The total disk- 
based backup offering is preinstalled with RevOS man- 
agement software that includes deduplication, BMR, and 
support for offsite archiving and replication. 

Products Sold: 

• Enterprise-class disk backup appliances 

• Disk2Disk2Disk backup 

• RevOS software preloaded onto appliances 

• Deduplication, replication, and BMR 



(866) 956-3782 | www.revinetix.com 




IGS is an independent manufacturer and source of supply, 
service, and depot repair of obsolete Digital Equipment 
Corp. parts, products, and systems. We maintain an exten- 
sive inventory of DEC parts and equipment; some date from 
the 1960s. We refurbish and service these parts, adding 
current technology when applicable. We provide Advance 
Replacement Service within 24 hours if we have the item in 
stock and, with 75,000 stock items, chances are we will. 

Products Sold: 

Digital Equipment Corp. parts, products, and systems, 
including memory, storage, processors, display and video, 
printers, and cables, for repair, lease, or rental 



332-7278 I www.decparts.com 




In 1987, Pegasus Computer Marketing started providing 
mainframe products to the end-user market. What began as 
a sales-only organization soon adapted to offer in-house 
repair and refurbishment. During the past 10 years, Pegasus 
has focused primarily on the point-of-sale and barcode 
industries, buying, selling, and providing service contracts for 
anywhere from a few scanners to hundreds. 

Products Sold: 

We buy, sell, and service: 

• Point-Of-Sale Equipment and POS/PC Flat Panels 

• Wired and Wireless Barcode Hardware 

• Kronos Time Clocks and Accessories 



(800)856-2111 I www.pegasuscomputer.net 
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CyberView™ 



Gate KVM access over IP from anywhere around the world 



CyberVieW 



CyberView 



O O O O CD Matrix 



i 




PS/2 dongte 



DVI dongle 



USB dongle 



Cat6 cable from KVM port to server end up to 40 meters 
Cats cable up to 300 meters to remote access server 
8 / 16 / 32-port available 
IP-based remote access function available 

Matrix KVM allows simultaneous users for efficient system management 




Gate IP KVM 8/16/32 port 





Matrix Cat6 IP KVIV1 16 / 32 port 



1U 17"/ 19" 
LCD KVM Drawer 



Full range KVM integration 



1U Dual Slide ir 
LCD KVM Drawer 




1U20" 
1600x1200 






8U 19" Widescreen 
LCD Quad Display 



1U 19" Widescreen 
1440x900 




8U 22" Widescreen LCD 
1680x1050 





1U20" LCD Drawer 
1600x1200 



AUSTIN 



Austin Hughes ^^^^^M 

At Austin Hughes, we are committed to providing 

our customers with quality products and excellent services. 



Quality Commitment ^^^^^H__ 

We insist upon using quality components in our products such as the Samsung A++ class LCD^^^^^BB 
panel, which has an extended product life of more than five years. With an average defect rate of less 
than 1% during our two-year free service warranty, we want to ensure our customers' complete satisfaction. 



Service Commitment 

Our California service center is dedicated to provide outstanding services to our customers; we complete most RMA 
repairs within seven working days. 



Full Range Product Series 

In addition to our excellent services, we offer a full range of products such as LCD KVM drawers, LCD display panels, keyboard drawers 
and KVM switches to meet our customers' needs. 



Please contact our distributors for product inquiries. 



